{"containers":{"cna":{"affected":[{"product":"WC7500","vendor":"NETGEAR","versions":[{"status":"affected","version":"firmware versions prior to 6.5.3.5"}]},{"product":"WC7520","vendor":"NETGEAR","versions":[{"status":"affected","version":"firmware versions prior to 2.5.0.46"}]},{"product":"WC7600v1","vendor":"NETGEAR","versions":[{"status":"affected","version":"firmware versions prior to 6.5.3.5"}]},{"product":"WC7600v2","vendor":"NETGEAR","versions":[{"status":"affected","version":"firmware versions prior to 6.5.3.5"}]},{"product":"WC9500","vendor":"NETGEAR","versions":[{"status":"affected","version":"firmware versions prior to 6.5.3.5"}]}],"datePublic":"2018-05-10T00:00:00.000Z","descriptions":[{"lang":"en","value":"NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5."}],"problemTypes":[{"descriptions":[{"description":"Other","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-04-01T16:31:45.000Z","orgId":"a2826606-91e7-4eb6-899e-8484bd4575d5","shortName":"netgear"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@netgear.com","ID":"CVE-2018-11106","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"WC7500","version":{"version_data":[{"version_value":"firmware versions prior to 6.5.3.5"}]}},{"product_name":"WC7520","version":{"version_data":[{"version_value":"firmware versions prior to 2.5.0.46"}]}},{"product_name":"WC7600v1","version":{"version_data":[{"version_value":"firmware versions prior to 6.5.3.5"}]}},{"product_name":"WC7600v2","version":{"version_data":[{"version_value":"firmware versions prior to 6.5.3.5"}]}},{"product_name":"WC9500","version":{"version_data":[{"version_value":"firmware versions prior to 6.5.3.5"}]}}]},"vendor_name":"NETGEAR"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Other"}]}]},"references":{"reference_data":[{"name":"https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051","refsource":"CONFIRM","url":"https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T07:54:36.460Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kb.netgear.com/000058243/Security-Advisory-for-Pre-Authentication-Command-Injection-in-request-handler-php-on-Some-Wireless-Controllers-PSV-2018-0051"}]}]},"cveMetadata":{"assignerOrgId":"a2826606-91e7-4eb6-899e-8484bd4575d5","assignerShortName":"netgear","cveId":"CVE-2018-11106","datePublished":"2020-04-01T16:31:45.000Z","dateReserved":"2018-05-15T00:00:00.000Z","dateUpdated":"2024-08-05T07:54:36.460Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}