CVE-2019-20699

CRITICAL

9.8

Descricao

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.

Detalhes CVE

Pontuacao CVSS v3.19.8

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado4/16/2020

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

netgear:gs105enetgear:gs105e_firmwarenetgear:gs105penetgear:gs105pe_firmwarenetgear:gs408eppnetgear:gs408epp_firmwarenetgear:gs808enetgear:gs808e_firmwarenetgear:gs908enetgear:gs908e_firmwarenetgear:gss108enetgear:gss108e_firmwarenetgear:gss108eppnetgear:gss108epp_firmware

Fraquezas (CWE)

CWE-120

Referencias

https://kb.netgear.com/000061230/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Switches-PSV-2018-0538(cve@mitre.org)

https://kb.netgear.com/000061230/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Switches-PSV-2018-0538(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.