Lucene search

MitreCVE-2019-20681

HistoryApr 15, 2020 - 8:15 p.m.

CVE-2019-20681

2020-04-1520:15:14

mitre

web.nvd.nist.gov

cve-2019-20681

netgear

authentication bypass

d6200

d7000

jr6150

pr2000

r6050

r6120

r6220

r6260

r6700v2

r6800

r6900v2

vulnerability

nvd

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6050 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, and R6900v2 before 1.2.0.36.

Affected configurations

Nvd

Node

netgeard6200_firmwareRange<1.1.00.34

AND

netgeard6200Match-

Node

netgeard7000_firmwareRange<1.0.1.68

AND

netgeard7000Match-

Node

netgearjr6150_firmwareRange<1.0.1.18

AND

netgearjr6150Match-

Node

netgearpr2000_firmwareRange<1.0.0.28

AND

netgearpr2000Match-

Node

netgearr6050_firmwareRange<1.0.1.18

AND

netgearr6050Match-

Node

netgearr6120_firmwareRange<1.0.0.46

AND

netgearr6120Match-

Node

netgearr6220_firmwareRange<1.1.0.80

AND

netgearr6220Match-

Node

netgearr6260_firmwareRange<1.1.0.64

AND

netgearr6260Match-

Node

netgearr6700_firmwareRange<1.2.0.36

AND

netgearr6700Matchv2

Node

netgearr6800_firmwareRange<1.2.0.36

AND

netgearr6800Match-

Node

netgearr6900_firmwareRange<1.2.0.36

AND

netgearr6900Matchv2

VendorProductVersionCPE
netgeard6200_firmware*cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*
netgeard6200-cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*
netgeard7000_firmware*cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*
netgeard7000-cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*
netgearjr6150_firmware*cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*
netgearjr6150-cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*
netgearpr2000_firmware*cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*
netgearpr2000-cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*
netgearr6050_firmware*cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*
netgearr6050-cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	d6200_firmware	*	cpe:2.3:o:netgear:d6200_firmware::::::::
netgear	d6200	-	cpe:2.3:h:netgear:d6200:-:::::::*
netgear	d7000_firmware	*	cpe:2.3:o:netgear:d7000_firmware::::::::
netgear	d7000	-	cpe:2.3:h:netgear:d7000:-:::::::*
netgear	jr6150_firmware	*	cpe:2.3:o:netgear:jr6150_firmware::::::::
netgear	jr6150	-	cpe:2.3:h:netgear:jr6150:-:::::::*
netgear	pr2000_firmware	*	cpe:2.3:o:netgear:pr2000_firmware::::::::
netgear	pr2000	-	cpe:2.3:h:netgear:pr2000:-:::::::*
netgear	r6050_firmware	*	cpe:2.3:o:netgear:r6050_firmware::::::::
netgear	r6050	-	cpe:2.3:h:netgear:r6050:-:::::::*

Rows per page:

1-10 of 221

References

kb.netgear.com/000061458/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Gateways-PSV-2018-0346

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

Related for CVE-2019-20681