CVE-2017-18787
Description
Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050, before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple NETGEAR routers are affected by a pre-authentication command injection vulnerability allowing unauthenticated attackers to execute arbitrary commands.
Vulnerability
Several NETGEAR router models are vulnerable to command injection via the firmware. Affected devices include D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050 before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. The exact input vector is not disclosed in available references, but the issue allows injection of operating system commands through an unspecified interface [1]. No authentication is required to reach the vulnerable code path [1].
Exploitation
An attacker must be on the local network (LAN) and can send a crafted request to the device. The CVSS vector indicates low attack complexity and no privileges required (AV:L/AC:L/PR:N/UI:N), suggesting that no user interaction is needed and the attack can be performed from the local network without authentication [1]. Specific steps are not provided in the advisory, but the flaw is classified as command injection, implying that the attacker can directly inject shell commands into a parameter handled by the router's web interface or other service [1].
Impact
Successful exploitation allows an unauthenticated attacker to execute arbitrary commands with root-level privileges on the affected device. This can lead to full compromise of the router, including complete loss of confidentiality, integrity, and availability (C:H/I:H/A:H) [1]. Attackers could modify device configuration, intercept traffic, install malware, or use the router as a pivot point for further network attacks.
Mitigation
NETGEAR released fixed firmware versions for all affected models [1]. Users should update to the following versions or later: - D6200: 1.1.00.24 - JNR1010v2: 1.1.0.44 - JR6150: 1.0.1.12 - JWNR2010v5: 1.1.0.44 - PR2000: 1.0.0.20 - R6050: 1.0.1.12 - WNR1000v4: 1.1.0.44 - WNR2020: 1.1.0.44 - WNR2050: 1.1.0.44 No workarounds are mentioned; the vendor recommends immediate firmware update [1]. The CVE is not listed in known exploited vulnerabilities catalog (as of publication).
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- NETGEAR/D6200description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- kb.netgear.com/000049528/Security-Advisory-for-Command-Injection-on-Some-Routers-PSV-2017-2948mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.