Code injection

2020-04-2415:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.9%

JSON

Certain NETGEAR devices are affected by an attacker’s ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16.

CPENameOperatorVersion
d6220_firmwarelt1.0.0.32
d6400_firmwarelt1.0.0.60
d8500_firmwarelt1.0.3.29
r6250_firmwarelt1.0.4.16
r6300_firmwarelt1.0.4.18
r6400_firmwarelt1.01.32
r6400_firmwarelt1.0.2.44
r6700_firmwarelt1.0.1.36
r6900_firmwarelt1.0.1.34
r6900p_firmwarelt1.3.0.8

Name	Operator	Version
d6220_firmware	lt	1.0.0.32
d6400_firmware	lt	1.0.0.60
d8500_firmware	lt	1.0.3.29
r6250_firmware	lt	1.0.4.16
r6300_firmware	lt	1.0.4.18
r6400_firmware	lt	1.01.32
r6400_firmware	lt	1.0.2.44
r6700_firmware	lt	1.0.1.36
r6900_firmware	lt	1.0.1.34
r6900p_firmware	lt	1.3.0.8