CVE-2020-26919

Published: 09/10/2020 Updated: 19/10/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NETGEAR JGS516PE devices prior to 2.6.0.43 are affected by lack of access control at the function level.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netgear jgs516pe_firmware

This Netgear SOHO switch has 15 – count 'em! – vulns, which means you need to upgrade the firmware... now

The Register • Gareth Corfield • 11 Mar 2021

One of them is a critical RCE bug If you own one of these 45 Netgear devices, replace it: Kit maker won't patch vulnerable gear despite live proof-of-concept code

Netgear has released a swathe of security and firmware updates for its JGS516PE Ethernet switch after researchers from NCC Group discovered 15 vulnerabilities in the device – including an unauthenticated remote code execution flaw. The switch is vulnerable to nine high-severity vulns and a further five medium-rated ones, said NCC Group IT security consultant Manuel Ginés Rodriquez in a damning blog post about his findings. The critical vuln, an RCE (CVE-2020-26919), came about because firmwar...

CVE-2020-26919

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect