CVE-2020-35799
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.
Affected (46)
Products: Netgear: D3600 Firmware, D6000 Firmware, D6200 Firmware, D7000 Firmware, D7800 Firmware, Dm200 Firmware, Ex2700 Firmware, Ex6100v2 Firmware, Ex6150v2 Firmware, Ex6200v2 Firmware, Ex6400 Firmware, Ex7300 Firmware, Ex8000 Firmware, Jr6150 Firmware, Pr2000 Firmware, R6020 Firmware, R6050 Firmware, R6080 Firmware, R6120 Firmware, R6220 Firmware, R6230 Firmware, R6260 Firmware, R6700v2 Firmware, R6800 Firmware, R6900v2 Firmware, R7500v2 Firmware, R7800 Firmware, R8900 Firmware, R9000 Firmware, Rbk20 Firmware, Rbr20 Firmware, Rbs20 Firmware, Rbk40 Firmware, Rbr40 Firmware, Rbs40 Firmware, Rbk50 Firmware, Rbr50 Firmware, Rbs50 Firmware, Wn2000rptv3 Firmware, Wn3000rpv2 Firmware, Wn3000rpv3 Firmware, Wn3100rpv2 Firmware, Wnr2000v5 Firmware, Wnr2020 Firmware, Xr450 Firmware, Xr500 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.76 |
| Running on/with | Platform Versions |
|---|---|
Netgear D3600 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.078 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6000 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.00.32 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6200 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7000 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.56 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7800 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.61 |
| Running on/with | Platform Versions |
|---|---|
Netgear Dm200 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex2700 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.76 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6100v2 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.76 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6150v2 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.74 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6200v2 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.140 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6400 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.140 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex7300 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.186 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex8000 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.18 |
| Running on/with | Platform Versions |
|---|---|
Netgear Jr6150 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Pr2000 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.38 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6020 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.18 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6050 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.38 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6080 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6120 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.80 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6220 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.80 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6230 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6260 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2.0.36 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6700v2 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2.0.36 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6800 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2.0.36 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6900v2 | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7500v2 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.62 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7800 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8900 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear R9000 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk20 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr20 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs20 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk40 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr40 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs40 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.32 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk50 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.32 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr50 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.3.0.32 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs50 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.34 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wn2000rptv3 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.78 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wn3000rpv2 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.78 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wn3000rpv3 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.66 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wn3100rpv2 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.70 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2000v5 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.62 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2020 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.3.2.32 |
| Running on/with | Platform Versions |
|---|---|
Netgear Xr450 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.3.2.32 |
| Running on/with | Platform Versions |
|---|---|
Netgear Xr500 | All versions |
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.