CVE-2020-35784

Published: Dec 30, 2020Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2.6.0.48.

Affected (4)

Products: Netgear: Jgs516pe Firmware, Jgs524e Firmware, Jgs524pe Firmware, Gs116e Firmware

4 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Jgs516pe Firmware	Before 2.6.0.48

Running on/with	Platform Versions
Netgear Jgs516pe	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Jgs524e Firmware	Before 2.6.0.48

Running on/with	Platform Versions
Netgear Jgs524e	Version v2

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Jgs524pe Firmware	Before 2.6.0.48

Running on/with	Platform Versions
Netgear Jgs524pe	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs116e Firmware	Before 2.6.0.48

Running on/with	Platform Versions
Netgear Gs116e	Version v2

References (2)

https://kb.netgear.com/000062638/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Smart-Managed-Plus-Switches-PSV-2020-0396

Source: cve@mitre.org

Vendor Advisory

https://kb.netgear.com/000062638/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Smart-Managed-Plus-Switches-PSV-2020-0396

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.