Lucene search

MitreCVELIST:CVE-2020-35789

HistoryDec 29, 2020 - 11:40 p.m.

CVE-2020-35789

2020-12-2923:40:03

mitre

www.cve.org

netgear nms300

command injection

authenticated user

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON

NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user.

References

kb.netgear.com/000062686/Security-Advisory-for-Post-Authentication-Command-Injection-on-NMS300-PSV-2020-0559

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON

Related for CVELIST:CVE-2020-35789