Lucene search

[email protected]NVD:CVE-2019-20730

HistoryApr 16, 2020 - 8:15 p.m.

CVE-2019-20730

2020-04-1620:15:13

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON

Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56.

Affected configurations

Nvd

Node

netgeard3600_firmwareRange<1.0.0.68

AND

netgeard3600Match-

Node

netgeard6000_firmwareRange<1.0.0.68

AND

netgeard6000Match-

Node

netgeard6200_firmwareRange<1.1.00.28

AND

netgeard6200Match-

Node

netgeard6220_firmwareRange<1.0.0.40

AND

netgeard6220Match-

Node

netgeard6400_firmwareRange<1.0.0.74

AND

netgeard6400Match-

Node

netgeard7000_firmwareRange<1.0.1.60

AND

netgeard7000Match-

Node

netgeard7000_firmwareRange<1.0.0.74

AND

netgeard7000Matchv2

Node

netgeard7800_firmwareRange<1.0.1.34

AND

netgeard7800Match-

Node

netgeard8500_firmwareRange<1.0.3.39

AND

netgeard8500Match-

Node

netgeardc112a_firmwareRange<1.0.0.40

AND

netgeardc112aMatch-

Node

netgearex8000_firmwareRange<1.0.0.118

AND

netgearex8000Match-

Node

netgearjr6150_firmwareRange<1.0.1.18

AND

netgearjr6150Match-

Node

netgearr6050_firmwareRange<1.0.1.18

AND

netgearr6050Match-

Node

netgearr6220_firmwareRange<1.1.0.66

AND

netgearr6220Match-

Node

netgearr6250_firmwareRange<1.0.4.26

AND

netgearr6250Match-

Node

netgearr6300_firmwareRange<1.0.4.24

AND

netgearr6300Match-

Node

netgearr6400_firmwareRange<1.0.1.36

AND

netgearr6400Match-

Node

netgearr6400_firmwareRange<1.0.2.52

AND

netgearr6400Matchv2

Node

netgearr6700_firmwareRange<1.0.1.44

AND

netgearr6700Match-

Node

netgearr6700_firmwareRange<1.2.0.16

AND

netgearr6700Matchv2

Node

netgearr6800_firmwareRange<1.2.0.16

AND

netgearr6800Match-

Node

netgearr6900_firmwareRange<1.2.0.16

AND

netgearr6900Matchv2

Node

netgearr6900_firmwareRange<1.0.1.44

AND

netgearr6900Match-

Node

netgearr7000_firmwareRange<1.0.9.26

AND

netgearr7000Match-

Node

netgearr6900p_firmwareRange<1.3.0.20

AND

netgearr6900pMatch-

Node

netgearr7000p_firmwareRange<1.3.0.20

AND

netgearr7000pMatch-

Node

netgearr7100lg_firmwareRange<1.0.0.40

AND

netgearr7100lgMatch-

Node

netgearr7300dst_firmwareRange<1.0.0.62

AND

netgearr7300dstMatch-

Node

netgearr7500_firmwareRange<1.0.0.118

AND

netgearr7500Match-

Node

netgearr7500_firmwareRange<1.0.3.26

AND

netgearr7500Matchv2

Node

netgearr7800_firmwareRange<1.0.2.40

AND

netgearr7800Match-

Node

netgearr7900_firmwareRange<1.0.2.10

AND

netgearr7900Match-

Node

netgearr8000_firmwareRange<1.0.4.12

AND

netgearr8000Match-

Node

netgearr7900p_firmwareRange<1.3.0.10

AND

netgearr7900pMatch-

Node

netgearr8000p_firmwareRange<1.3.0.10

AND

netgearr8000pMatch-

Node

netgearr8300_firmwareRange<1.0.2.116

AND

netgearr8300Match-

Node

netgearr8500_firmwareRange<1.0.2.116

AND

netgearr8500Match-

Node

netgearr8900_firmwareRange<1.0.3.6

AND

netgearr8900Match-

Node

netgearr9000_firmwareRange<1.0.3.10

AND

netgearr9000Match-

Node

netgearwndr3700_firmwareRange<1.0.2.102

AND

netgearwndr3700Matchv4

Node

netgearwndr3700_firmwareRange<1.1.0.54

AND

netgearwndr3700Matchv5

Node

netgearwndr4300_firmwareRange<1.0.2.98

AND

netgearwndr4300Matchv1

Node

netgearwndr4300_firmwareRange<1.0.0.56

AND

netgearwndr4300Matchv2

Node

netgearwndr4500_firmwareRange<1.0.0.56

AND

netgearwndr4500Matchv3

VendorProductVersionCPE
netgeard3600_firmware*cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*
netgeard3600-cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*
netgeard6000_firmware*cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*
netgeard6000-cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*
netgeard6200_firmware*cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*
netgeard6200-cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*
netgeard6220_firmware*cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*
netgeard6220-cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*
netgeard6400_firmware*cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*
netgeard6400-cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	d3600_firmware	*	cpe:2.3:o:netgear:d3600_firmware::::::::
netgear	d3600	-	cpe:2.3:h:netgear:d3600:-:::::::*
netgear	d6000_firmware	*	cpe:2.3:o:netgear:d6000_firmware::::::::
netgear	d6000	-	cpe:2.3:h:netgear:d6000:-:::::::*
netgear	d6200_firmware	*	cpe:2.3:o:netgear:d6200_firmware::::::::
netgear	d6200	-	cpe:2.3:h:netgear:d6200:-:::::::*
netgear	d6220_firmware	*	cpe:2.3:o:netgear:d6220_firmware::::::::
netgear	d6220	-	cpe:2.3:h:netgear:d6220:-:::::::*
netgear	d6400_firmware	*	cpe:2.3:o:netgear:d6400_firmware::::::::
netgear	d6400	-	cpe:2.3:h:netgear:d6400:-:::::::*

Rows per page:

1-10 of 811

References

kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON

Related for NVD:CVE-2019-20730

cve1 prion1 cvelist1