CVE-2019-20658

Published: Apr 15, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS810EMX before 1.7.1.1, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, GSS108EPP before 1.0.0.15, GSS116E before 1.6.0.9, JGS516PE before 2.6.0.35, JGS524Ev2 before 2.6.0.35, JGS524PE before 2.6.0.35, XS512EM before 1.0.1.1, XS708Ev2 before 1.6.0.23, XS716E before 1.6.0.23, and XS724EM before 1.0.1.1.

Affected (21)

Products: Netgear: Fs728tlp Firmware, Gs105e Firmware, Gs105pe Firmware, Gs108e Firmware, Gs108pe Firmware, Gs110emx Firmware, Gs116e Firmware, Gs408epp Firmware, Gs808e Firmware, Gs810emx Firmware, Gs908e Firmware, Gss108e Firmware, Gss108epp Firmware, Gss116e Firmware, Jgs516pe Firmware, Jgs524e Firmware, Jgs524pe Firmware, Xs512em Firmware, Xs708e Firmware, Xs716e Firmware, Xs724em Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Fs728tlp Firmware	Before 1.0.1.26

Running on/with	Platform Versions
Netgear Fs728tlp	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs105e Firmware	Before 1.6.0.4

Running on/with	Platform Versions
Netgear Gs105e	Version v2

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs105pe Firmware	Before 1.6.0.4

Running on/with	Platform Versions
Netgear Gs105pe	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs108e Firmware	Before 2.06.08

Running on/with	Platform Versions
Netgear Gs108e	Version v3

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs108pe Firmware	Before 2.06.08

Running on/with	Platform Versions
Netgear Gs108pe	Version v3

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs110emx Firmware	Before 1.0.1.4

Running on/with	Platform Versions
Netgear Gs110emx	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs116e Firmware	Before 2.6.0.35

Running on/with	Platform Versions
Netgear Gs116e	Version v2

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs408epp Firmware	Before 1.0.0.15

Running on/with	Platform Versions
Netgear Gs408epp	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs808e Firmware	Before 1.7.0.7

Running on/with	Platform Versions
Netgear Gs808e	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs810emx Firmware	Before 1.7.1.1

Running on/with	Platform Versions
Netgear Gs810emx	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs908e Firmware	Before 1.7.0.3

Running on/with	Platform Versions
Netgear Gs908e	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gss108e Firmware	Before 1.6.0.4

Running on/with	Platform Versions
Netgear Gss108e	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gss108epp Firmware	Before 1.0.0.15

Running on/with	Platform Versions
Netgear Gss108epp	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gss116e Firmware	Before 1.6.0.9

Running on/with	Platform Versions
Netgear Gss116e	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Jgs516pe Firmware	Before 2.6.0.35

Running on/with	Platform Versions
Netgear Jgs516pe	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Jgs524e Firmware	Before 2.6.0.35

Running on/with	Platform Versions
Netgear Jgs524e	Version v2

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Jgs524pe Firmware	Before 2.6.0.35

Running on/with	Platform Versions
Netgear Jgs524pe	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xs512em Firmware	Before 1.0.1.1

Running on/with	Platform Versions
Netgear Xs512em	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xs708e Firmware	Before 1.6.0.23

Running on/with	Platform Versions
Netgear Xs708e	Version v2

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xs716e Firmware	Before 1.6.0.23

Running on/with	Platform Versions
Netgear Xs716e	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xs724em Firmware	Before 1.0.1.1

Running on/with	Platform Versions
Netgear Xs724em	All versions

References (2)

https://kb.netgear.com/000061481/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Switches-PSV-2018-0612

Source: cve@mitre.org

Vendor Advisory

https://kb.netgear.com/000061481/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Switches-PSV-2018-0612

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.