CVE-2018-11106

Summary

NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5.

Affected Software

VendorProductVersion RangeStatus
NETGEARWC7500firmware versions prior to 6.5.3.5affected
NETGEARWC7520firmware versions prior to 2.5.0.46affected
NETGEARWC7600v1firmware versions prior to 6.5.3.5affected
NETGEARWC7600v2firmware versions prior to 6.5.3.5affected
NETGEARWC9500firmware versions prior to 6.5.3.5affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References