CVE-2017-18773 : Security Advisory and Response

A number of NETGEAR devices have been found to be vulnerable to command injection when accessed by an authenticated user.

Understanding CVE-2017-18773

What is CVE-2017-18773?

Certain NETGEAR devices are affected by command injection by an authenticated user. The impacted devices include D6100, D7800, EX6150v2, R6100, R7500, R7500v2, R7800, WNDR4300v1, WNDR4300v2, WNDR4500v3, and WNR2000v5.

The Impact of CVE-2017-18773

The vulnerability has a CVSS base score of 6.7, with high impacts on confidentiality, integrity, and availability. It requires high privileges and has a low attack complexity.

Technical Details of CVE-2017-18773

Vulnerability Description

The vulnerability allows authenticated users to perform command injection on the affected NETGEAR devices.

Affected Systems and Versions

D6100 (version before V1.0.0.55)
D7800 (version before V1.0.1.24)
EX6150v2 (version before 1.0.0.48)
R6100 (version before 1.0.1.14)
R7500 (version before 1.0.0.110)
R7500v2 (version before V1.0.3.16)
R7800 (version before V1.0.2.36)
WNDR4300v1 (version before 1.0.2.90)
WNDR4300v2 (version before 1.0.0.48)
WNDR4500v3 (version before 1.0.0.48)
WNR2000v5 (version before 1.0.0.48)

Exploitation Mechanism

The vulnerability can be exploited locally with high privileges, allowing attackers to execute arbitrary commands on the affected devices.

Mitigation and Prevention

Immediate Steps to Take

Update the firmware of the affected devices to the latest patched versions.
Restrict network access to the devices to trusted users only.

Long-Term Security Practices

Regularly monitor for security advisories and updates from NETGEAR.
Implement strong password policies and multi-factor authentication.
Conduct regular security audits and penetration testing.

Patching and Updates

Apply security patches provided by NETGEAR to address the command injection vulnerability.