Published: 16/04/2020 Updated: 23/04/2020

CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 prior to 1.0.0.58, D8500 prior to 1.0.3.42, D7000v2 prior to 1.0.0.51, D6400 prior to 1.0.0.78, D6220 prior to 1.0.0.44, JNDR3000 prior to 1.0.0.24, R8000 prior to 1.0.4.18, R8500 prior to 1.0.2.122, R8300 prior to 1.0.2.122, R7900 prior to 1.0.2.16, R7000P prior to 1.3.2.34, R7300DST prior to 1.0.0.68, R7100LG prior to 1.0.0.46, R6900P prior to 1.3.2.34, R7000 prior to 1.0.9.28, R6900 prior to 1.0.1.46, R6700 prior to 1.0.1.46, R6400v2 prior to 1.0.2.56, R6400 prior to 1.0.1.42, R6300v2 prior to 1.0.4.28, R6250 prior to 1.0.4.26, WNDR3400v3 prior to 1.0.1.22, WNDR4500v2 prior to 1.0.0.72, and WNR3500Lv2 prior to 1.2.0.50.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netgear dgn2200_firmware
netgear d8500_firmware
netgear d7000_firmware
netgear d6400_firmware
netgear d6220_firmware
netgear jndr3000_firmware
netgear r8000_firmware
netgear r8500_firmware
netgear r8300_firmware
netgear r7900_firmware
netgear r7000p_firmware
netgear r7300dst_firmware
netgear r7100lg_firmware
netgear r6900p_firmware
netgear r7000_firmware
netgear r6900_firmware
netgear r6700_firmware
netgear r6400_firmware
netgear r6300_firmware
netgear r6250_firmware
netgear wndr3400_firmware
netgear wndr4500_firmware
netgear wnr3500l_firmware

CWE-787 https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085 https://nvd.nist.gov

CVE-2019-20753

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect