CVE-2019-20676

Published: 15/04/2020 Updated: 23/04/2020

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6 | Impact Score: 5.2 | Exploitability Score: 0.8

VMScore: 320

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

Certain NETGEAR devices are affected by lack of access control at the function level. This affects FS728TLP prior to 1.0.1.26, GS105Ev2 prior to 1.6.0.4, GS105PE prior to 1.6.0.4, GS108Ev3 prior to 2.06.08, GS108PEv3 prior to 2.06.08, GS110EMX prior to 1.0.1.4, GS116Ev2 prior to 2.6.0.35, GS408EPP prior to 1.0.0.15, GS724TPv2 prior to 1.1.1.29, GS808E prior to 1.7.0.7, GS810EMX prior to 1.7.1.1, GS908E prior to 1.7.0.3, GSS108E prior to 1.6.0.4, GSS108EPP prior to 1.0.0.15, GSS116E prior to 1.6.0.9, JGS516PE prior to 2.6.0.35, JGS524Ev2 prior to 2.6.0.35, JGS524PE prior to 2.6.0.35, XS512EM prior to 1.0.1.1, XS708Ev2 prior to 1.6.0.23, XS716E prior to 1.6.0.23, and XS724EM prior to 1.0.1.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netgear fs728tlp firmware
netgear gs105e firmware
netgear gs105pe firmware
netgear gs108e firmware
netgear gs108pe firmware
netgear gs110emx firmware
netgear gs116e firmware
netgear gs408epp firmware
netgear gs724tp firmware
netgear gs808e firmware
netgear gs810emx firmware
netgear gs908e firmware
netgear gss108e firmware
netgear gss108epp firmware
netgear gss116e firmware
netgear jgs516pe firmware
netgear jgs524e firmware
netgear jgs524pe firmware
netgear xs512em firmware
netgear xs708e firmware
netgear xs716e firmware
netgear xs724em firmware

CWE-862 https://kb.netgear.com/000061463/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Switches-PSV-2018-0542 https://nvd.nist.gov

CVE-2019-20676

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect