CVE-2019-20699

CRITICAL

9.8

Description

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie4/16/2020

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

netgear:gs105enetgear:gs105e_firmwarenetgear:gs105penetgear:gs105pe_firmwarenetgear:gs408eppnetgear:gs408epp_firmwarenetgear:gs808enetgear:gs808e_firmwarenetgear:gs908enetgear:gs908e_firmwarenetgear:gss108enetgear:gss108e_firmwarenetgear:gss108eppnetgear:gss108epp_firmware

Faiblesses (CWE)

CWE-120

References

https://kb.netgear.com/000061230/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Switches-PSV-2018-0538(cve@mitre.org)

https://kb.netgear.com/000061230/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Switches-PSV-2018-0538(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.