← Back

CVE-2020-13245

nvd nist
Published: May 28, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.2 / Impact: 3.6
Source: NVD

Description

Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.

Affected (14)

Netgear
14 products
R6120 Firmware
R6220 Firmware
R6350 Firmware
R6400 Firmware
R6800 Firmware
R6850 Firmware
R7000p Firmware
R7800 Firmware
R8000 Firmware
R9000 Firmware
Rax120 Firmware
Rbr20 Firmware
Xr300 Firmware
Xr500 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6120 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R6120
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6220 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R6220
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6350 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R6350
All versions
Configuration D
1 platform
Running on/withPlatform Versions
Netgear
R6400
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6400 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R6400
Version v2
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6800 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R6800
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6850 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R6850
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R7000p Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R7000p
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R7800 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R7800
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R8000 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R8000
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R9000 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
R9000
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rax120 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
Rax120
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rbr20 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
Rbr20
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Xr300 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
Xr300
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Xr500 Firmware
From v1.0.9.6_1.2.19 to v1.0.11.100_10.2.100
Running on/withPlatform Versions
Netgear
Xr500
All versions

Related CWEs

CWE-295
Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.

References (4)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.