CVE-2017-18847

Vulnerability

An arbitrary file read vulnerability exists in the firmware of multiple NETGEAR router models, allowing an unauthenticated attacker to read arbitrary files from the device. Affected models include R6400v2 before 1.0.2.32, R7000P/R6900P before 1.0.0.56, R7900 before 1.0.1.18, R8300 before 1.0.2.100_1.0.82, R8500 before 1.0.2.100_1.0.82, and D8500 before 1.0.3.29. [1]

Exploitation

According to the advisory, an attacker with local network access can exploit this vulnerability without authentication or user interaction. The CVSS vector (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) indicates low attack complexity and no privileges required. [1]

Impact

Successful exploitation allows an attacker to read arbitrary files on the device, potentially exposing sensitive information such as credentials, configuration data, or other confidential content. The confidentiality impact is high, while integrity and availability are not affected. [1]

Mitigation

NETGEAR has released firmware updates to address this vulnerability. Users should update to the following versions: R6400v2 to 1.0.2.32, R7000P/R6900P to 1.0.0.56, R7900 to 1.0.1.18, R8300 to 1.0.2.100_1.0.82, R8500 to 1.0.2.100_1.0.82, and D8500 to 1.0.3.29. No workarounds are mentioned in the advisory. [1]