CVE-2017-5521 — NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability
2022-09-08 • CISA Known Exploited Vulnerability
[event] Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | NETGEAR |
| Product | Multiple Devices |
| CWE | CWE-200 |
| CVE ID | CVE-2017-5521 |
| Date Added | 2022-09-08 |
| Due Date | 2022-09-29 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.
Due Date: 2022-09-29