CVE-2017-18792
Description
NETGEAR D6100 devices before 1.0.0.50_0.0.50 are affected by command injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR D6100 routers running firmware before 1.0.0.50_0.0.50 are vulnerable to command injection, allowing local attackers to execute arbitrary commands.
Vulnerability
The NETGEAR D6100 router running firmware versions prior to 1.0.0.50_0.0.50 contains a command injection vulnerability. The exact component is not detailed in the advisory, but the vulnerability allows injection of operating system commands. Affected versions: all firmware before 1.0.0.50_0.0.50. [1]
Exploitation
Exploitation requires local access to the device (CVSS vector AV:L). An attacker with local network or physical access can send crafted input to trigger command injection. The advisory does not specify the exact input vector, but typical command injection in routers occurs via web interface parameters or other management interfaces. No authentication is required (PR:N) and no user interaction (UI:N). [1]
Impact
Successful exploitation allows an attacker to execute arbitrary commands with high privileges, leading to full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H). The attacker can gain complete control over the device. [1]
Mitigation
NETGEAR has released firmware version 1.0.0.50_0.0.50 to fix this vulnerability. Users should update to this version or later via the NETGEAR Support page. No workarounds are mentioned. The advisory strongly recommends immediate update. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- NETGEAR/D6100description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.