CVE-2016-11055
https://notcve.org/view.php?id=CVE-2016-11055
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11. Determinados dispositivos de NETGEAR están afectados por una vulnerabilidad de tipo CSRF. Esto afecta a CM400 antes del 11-01-2017, CM600 antes del 11-01-2017, D1500 antes del 11-01-2017, D500 antes del 11-01-2017, DST6501 antes del 11-01-2017, JNR1010v1 antes del 11-01-2017, JWNR2000Tv3 antes del 11-01-2017, JWNR2010v3 antes del 11-01-2017, PLW1000 antes del 11-01-2017, PLW1010 antes del 11-01-2017, WNR500 antes del 11-01-2017, WNR612v3 antes del 11-01-2017, N450 antes del 11-01-2017, y CG3000Dv2 antes del 11-01-2017. • https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2017-18766
https://notcve.org/view.php?id=CVE-2017-18766
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8. Determinados dispositivos NETGEAR están afectados por una capacidad del atacante para leer archivos arbitrarios. Esto afecta a DST6501 versiones anteriores a 1.1.0.6 y WNR2000v2 versiones anteriores a 1.2.0.8. • https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •