Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netgear gs116e firmware 2.6.0.43 vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2020-35228
A cross-site scripting (XSS) vulnerability in the administration web panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote malicious users to inject arbitrary web script or HTML via the language parameter.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
6.8
CVSSv3
CVE-2020-35230
Multiple integer overflow parameters were found in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. Most of the integer parameters sent through the web server can be abused to cause a denial of service attack.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
8.8
CVSSv3
CVE-2020-35231
The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was affected by an authentication issue that allows an malicious user to bypass access controls and obtain full control of the device.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
6.5
CVSSv3
CVE-2020-35233
The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external malicious users to force device reboots by sending concurrent connections, aka a denial of service attack.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
7.2
CVSSv3
CVE-2020-35227
A buffer overflow vulnerability in the access control section on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices (in the administration web panel) allows an malicious user to inject IP addresses into the whitelist via the checkedList parameter to the delete command.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
7.1
CVSSv3
CVE-2020-35226
NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
8.8
CVSSv3
CVE-2020-35229
The authentication token required to execute NSDP write requests on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices is not properly invalidated and can be reused until a new token is generated, which allows attackers (with access to network traffic) to effectively gain administrative...
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
8.8
CVSSv3
CVE-2020-35221
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers (with access to a network capture) to quickly generate multiple collisions to generate valid passwords, or infer some par...
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
8.8
CVSSv3
CVE-2020-35223
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
6.8
CVSSv3
CVE-2020-35225
The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of service attacks.
Netgear Gs116e Firmware 2.6.0.43
Netgear Jgs516pe Firmware 2.6.0.43
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »