Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE prior to 2.6.0.48, JGS524Ev2 prior to 2.6.0.48, JGS524PE prior to 2.6.0.48, and GS116Ev2 prior to 2.6.0.48. The TFTP firmware update mechanism does not properly implement firmware validations, allowing remote malicious users to write arbitrary data to internal memory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear jgs516pe firmware |
||
netgear jgs524e firmware |
||
netgear jgs524pe firmware |
||
netgear gs116e firmware |