CSRF in Netgear Dgn2200_firmware
CVE-2017-6366
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name para…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.035 (87.6th percentile).
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
Weakness classification (CWE)
Frequently asked questions
- What is CVE-2017-6366?
- CVE-2017-6366 is a high-severity vulnerability in Netgear Dgn2200_firmware, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.8/10. Published 2017-03-15.
- How severe is CVE-2017-6366?
- High severity. CVSS v3 base score is 8.8 out of 10.