Lucene search

MitreCVELIST:CVE-2020-35792

HistoryDec 29, 2020 - 11:39 p.m.

CVE-2020-35792

2020-12-2923:39:33

mitre

www.cve.org

netgear

command injection

authenticated user

r7500v2

r8900

r9000

r7800

CVSS3

8.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L

EPSS

Percentile

12.6%

JSON

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7500v2 before 1.0.3.48, R8900 before 1.0.5.2, R9000 before 1.0.5.2, and R7800 before 1.0.2.68.

References

kb.netgear.com/000062682/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2019-0157

CVSS3

8.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2020-35792