CVE-2017-18838
Description
Certain NETGEAR devices are affected by privilege escalation. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR M4300 and M4200 switches vulnerable to vertical privilege escalation; firmware 12.0.2.15 fixes the issue.
Vulnerability
The devices are affected by a vertical privilege escalation vulnerability. This affects NETGEAR M4300-28G, M4300-52G, M4300-28G-POE+, M4300-52G-POE+, M4300-8X8F, M4300-12X12F, M4300-24X24F, M4300-24X, M4300-48X, and M4200 devices running firmware versions prior to 12.0.2.15 [1].
Exploitation
An attacker with local access and low privileges can exploit this vulnerability without user interaction. The attack complexity is low [1].
Impact
Successful exploitation allows an attacker to escalate privileges, potentially gaining full control over the device. This results in high impact to confidentiality, integrity, and availability [1].
Mitigation
NETGEAR has released firmware version 12.0.2.15 to fix this vulnerability. Users are strongly recommended to download and install the latest firmware from NETGEAR Support [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- NETGEAR/M4300-28Gdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.