CVE-2018-21094 - OpenCVE

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1.5, and WN604 before 3.3.10.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Netgear	Wnap210 Firmware Wac510 Firmware Wndap350 Wndap660 Wac505 Wndap360 Firmware Wndap350 Firmware Wac120 Wac505 Firmware Wac120 Firmware Wnap210 Wn604 Firmware Wndap360 Wnap320 Firmware Wndap620 Wndap620 Firmware Wnap320 Wndap660 Firmware Wnd930 Wnd930 Firmware Wac510 Wn604

Configuration 1 [-]

AND

cpe:2.3:o:netgear:wac120_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wac120:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:netgear:wac505_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wac505:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netgear:wac510_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wac510:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wnap320:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:netgear:wnap210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wnap210:v2:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndap350:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndap360:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:netgear:wndap660_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndap660:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:netgear:wndap620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndap620:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:netgear:wnd930_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wnd930:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:netgear:wn604_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*

References

Link	Resource
https://kb.netgear.com/000060460/Security-Advisory-for-a-Security-Misconfiguration-on-Some-Wireless-Access-Points-PSV-2018-0350	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-04-27T14:42:14

Updated: 2020-04-27T14:42:14

Reserved: 2020-04-20T00:00:00

Link: CVE-2018-21094

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-04-27T15:15:12.143

Modified: 2020-05-04T15:17:47.837

Link: CVE-2018-21094

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other