Search
Find a vulnerability
Search criteria
22 vulnerabilities found for RBR840 by NETGEAR
VAR-202006-0588
Vulnerability from variot - Updated: 2024-11-23 23:11Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
There are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0588",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
}
]
},
"cve": "CVE-2020-14430",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14430",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006742",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44775",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14430",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14430",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006742",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14430",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14430",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006742",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44775",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1244",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14430"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "CNVD",
"id": "CNVD-2021-44775"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14430",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44775",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1244",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"id": "VAR-202006-0588",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
}
]
},
"last_update_date": "2024-11-23T23:11:24.901000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Admin Credential Disclosure on Some WiFi Systems, PSV-2020-0051",
"trust": 0.8,
"url": "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple NETGEAR Products (CNVD-2021-44775)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275111"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121992"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-522",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14430"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061939/security-advisory-for-admin-credential-disclosure-on-some-wifi-systems-psv-2020-0051"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14430"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
},
{
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1244"
},
{
"date": "2020-06-18T17:15:12.170000",
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44775"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006742"
},
{
"date": "2020-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1244"
},
{
"date": "2024-11-21T05:03:15.150000",
"db": "NVD",
"id": "CVE-2020-14430"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006742"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1244"
}
],
"trust": 0.6
}
}
VAR-202006-0935
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request. This affects RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBK842 prior to 3.2.15.25, RBR840 prior to 3.2.15.25, RBS840 prior to 3.2.15.25, RBK852 prior to 3.2.15.25, RBK853 prior to 3.2.15.25, RBR850 prior to 3.2.15.25, and RBS850 prior to 3.2.15.25
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0935",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
}
]
},
"cve": "CVE-2020-14438",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14438",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006685",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.2,
"id": "CNVD-2021-44783",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14438",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14438",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006685",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14438",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14438",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006685",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44783",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1254",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-14438",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "VULMON",
"id": "CVE-2020-14438"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1254"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request. This affects RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBK842 prior to 3.2.15.25, RBR840 prior to 3.2.15.25, RBS840 prior to 3.2.15.25, RBK852 prior to 3.2.15.25, RBK853 prior to 3.2.15.25, RBR850 prior to 3.2.15.25, and RBS850 prior to 3.2.15.25",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14438"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "VULMON",
"id": "CVE-2020-14438"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14438",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44783",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1254",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-14438",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "VULMON",
"id": "CVE-2020-14438"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1254"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"id": "VAR-202006-0935",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
}
]
},
"last_update_date": "2024-11-23T23:07:56.401000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentification Command Injection on Some WiFi Systems, PSV-2020-0063",
"trust": 0.8,
"url": "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44783)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/274926"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14438"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000061941/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0063"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14438"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "VULMON",
"id": "CVE-2020-14438"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1254"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"db": "VULMON",
"id": "CVE-2020-14438"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1254"
},
{
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"date": "2020-06-18T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14438"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1254"
},
{
"date": "2020-06-18T17:15:12.953000",
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44783"
},
{
"date": "2021-07-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14438"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006685"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1254"
},
{
"date": "2024-11-21T05:03:16.597000",
"db": "NVD",
"id": "CVE-2020-14438"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1254"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006685"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1254"
}
],
"trust": 0.6
}
}
VAR-202103-1271
Vulnerability from variot - Updated: 2024-11-23 23:04Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-1271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "r7400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "rax120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.136"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk854",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "ac2100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.58"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "ac2600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "ac2400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "r6330",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "r6350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.106"
},
{
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.58"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbk754",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "mk60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"cve": "CVE-2021-29068",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-29068",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-29068",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"id": "CVE-2021-29068",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-29068",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-29068",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-29068",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-29068",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-1360",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-29068",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "VULMON",
"id": "CVE-2021-29068"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-29068",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-29068",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"id": "VAR-202103-1271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3117663121621622
},
"last_update_date": "2024-11-23T23:04:04.570000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems\u00a0,\u00a0PSV-2020-0155",
"trust": 0.8,
"url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155"
},
{
"title": "Netgear NETGEAR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145681"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000063021/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-extenders-and-wifi-systems-psv-2020-0155"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29068"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"date": "2021-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"date": "2021-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"date": "2021-03-23T07:15:13.297000",
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-29068"
},
{
"date": "2021-12-13T01:53:00",
"db": "JVNDB",
"id": "JVNDB-2021-005326"
},
{
"date": "2021-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-1360"
},
{
"date": "2024-11-21T06:00:38.353000",
"db": "NVD",
"id": "CVE-2021-29068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005326"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-1360"
}
],
"trust": 0.6
}
}
VAR-202006-0931
Vulnerability from variot - Updated: 2024-11-23 23:01Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
Injection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0931",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
}
]
},
"cve": "CVE-2020-14434",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CVE-2020-14434",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.7,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-006745",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-44779",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2020-14434",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.7,
"id": "CVE-2020-14434",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006745",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14434",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14434",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-006745",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-44779",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1250",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1250"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nInjection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14434"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "CNVD",
"id": "CNVD-2021-44779"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14434",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44779",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1250",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1250"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"id": "VAR-202006-0931",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
}
]
},
"last_update_date": "2024-11-23T23:01:21.848000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Command Injection on Some WiFi Systems, PSV-2020-0040",
"trust": 0.8,
"url": "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040"
},
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44779)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275091"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-74",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14434"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061934/security-advisory-for-post-authentication-command-injection-on-some-wifi-systems-psv-2020-0040"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14434"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1250"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1250"
},
{
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1250"
},
{
"date": "2020-06-18T17:15:12.547000",
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44779"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006745"
},
{
"date": "2020-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1250"
},
{
"date": "2024-11-21T05:03:15.850000",
"db": "NVD",
"id": "CVE-2020-14434"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006745"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1250"
}
],
"trust": 0.6
}
}
VAR-202012-1194
Vulnerability from variot - Updated: 2024-11-23 23:01Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1194",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "r7400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "cbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "rax120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.136"
},
{
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.100"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "ac2100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.58"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "ac2600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "ac2400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6330",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "r6900v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.106"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6700v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.58"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.100"
},
{
"model": "r6850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "ac2400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mk62",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbk40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"cve": "CVE-2020-35795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-35795",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35795",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-015039",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35795",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35795",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-35795",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1750",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35795"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35795",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015039",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"id": "VAR-202012-1194",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3302461448717948
},
"last_update_date": "2024-11-23T23:01:10.862000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0Orbi\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0154",
"trust": 0.8,
"url": "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154"
},
{
"title": "Certain NETGEAR devices Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138129"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062735/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-range-extenders-and-orbi-wifi-systems-psv-2020-0154"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35795"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"date": "2020-12-30T00:15:14.080000",
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T08:43:00",
"db": "JVNDB",
"id": "JVNDB-2020-015039"
},
{
"date": "2021-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1750"
},
{
"date": "2024-11-21T05:28:07.420000",
"db": "NVD",
"id": "CVE-2020-35795"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015039"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1750"
}
],
"trust": 0.6
}
}
VAR-202012-1177
Vulnerability from variot - Updated: 2024-11-23 22:58Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4. plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1177",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.14"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.4"
},
{
"model": "rbs840v",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.4"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax75",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbs850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbk852",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbk752",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbw30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"cve": "CVE-2020-35802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-35802",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35802",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-014795",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35802",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35802",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-35802",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1767",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4. plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35802"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35802",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014795",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1767",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"id": "VAR-202012-1177",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.34430966500000004
},
"last_update_date": "2024-11-23T22:58:05.584000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Sensitive\u00a0Information\u00a0Disclosure\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0331",
"trust": 0.8,
"url": "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331"
},
{
"title": "Multiple Netgear Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138274"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062720/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-wifi-systems-psv-2020-0331"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35802"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
},
{
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1767"
},
{
"date": "2020-12-30T00:15:14.517000",
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-31T05:14:00",
"db": "JVNDB",
"id": "JVNDB-2020-014795"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1767"
},
{
"date": "2024-11-21T05:28:09.167000",
"db": "NVD",
"id": "CVE-2020-35802"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014795"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1767"
}
],
"trust": 0.6
}
}
VAR-202006-0937
Vulnerability from variot - Updated: 2024-11-23 22:55Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0937",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
}
]
},
"cve": "CVE-2020-14440",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14440",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006681",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44785",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14440",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14440",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006681",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14440",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14440",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006681",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44785",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1259",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1259"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14440"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "CNVD",
"id": "CNVD-2021-44785"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14440",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44785",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1259",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1259"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"id": "VAR-202006-0937",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
}
]
},
"last_update_date": "2024-11-23T22:55:07.986000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentification Command Injection on Some WiFi Systems, PSV-2020-0065",
"trust": 0.8,
"url": "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44785)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275041"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14440"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061943/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0065"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14440"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1259"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1259"
},
{
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1259"
},
{
"date": "2020-06-18T17:15:13.140000",
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44785"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006681"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1259"
},
{
"date": "2024-11-21T05:03:16.930000",
"db": "NVD",
"id": "CVE-2020-14440"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1259"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006681"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1259"
}
],
"trust": 0.6
}
}
VAR-202006-0938
Vulnerability from variot - Updated: 2024-11-23 22:51Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary shell commands on the system with a specially crafted request. This affects RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBK842 prior to 3.2.15.25, RBR840 prior to 3.2.15.25, RBS840 prior to 3.2.15.25, RBK852 prior to 3.2.15.25, RBK853 prior to 3.2.15.25, RBR850 prior to 3.2.15.25, and RBS850 prior to 3.2.15.25
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0938",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
}
]
},
"cve": "CVE-2020-14441",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14441",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006682",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44786",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14441",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14441",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006682",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14441",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14441",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006682",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44786",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1260",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-14441",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "VULMON",
"id": "CVE-2020-14441"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1260"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary shell commands on the system with a specially crafted request. This affects RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBK842 prior to 3.2.15.25, RBR840 prior to 3.2.15.25, RBS840 prior to 3.2.15.25, RBK852 prior to 3.2.15.25, RBK853 prior to 3.2.15.25, RBR850 prior to 3.2.15.25, and RBS850 prior to 3.2.15.25",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14441"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "VULMON",
"id": "CVE-2020-14441"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14441",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44786",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1260",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-14441",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "VULMON",
"id": "CVE-2020-14441"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1260"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"id": "VAR-202006-0938",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
}
]
},
"last_update_date": "2024-11-23T22:51:20.508000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentification Command Injection on Some WiFi Systems, PSV-2020-0071",
"trust": 0.8,
"url": "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44786)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275051"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14441"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000061946/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0071"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14441"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "VULMON",
"id": "CVE-2020-14441"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1260"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"db": "VULMON",
"id": "CVE-2020-14441"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1260"
},
{
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"date": "2020-06-18T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14441"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1260"
},
{
"date": "2020-06-18T17:15:13.233000",
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44786"
},
{
"date": "2021-07-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14441"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006682"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1260"
},
{
"date": "2024-11-21T05:03:17.100000",
"db": "NVD",
"id": "CVE-2020-14441"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1260"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006682"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1260"
}
],
"trust": 0.6
}
}
VAR-202012-1175
Vulnerability from variot - Updated: 2024-11-23 22:51plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.80"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "ex3920",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.84"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.90"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.94"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.42"
},
{
"model": "r7400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "ex6920",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "r7350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "cbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.152"
},
{
"model": "rax120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.136"
},
{
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.128"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "wnr1000v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.78"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.134"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "r6400v1",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "dm200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "ac2100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.58"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.42"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.210"
},
{
"model": "wnr2000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.24"
},
{
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "ex6110",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "ex6200v1",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.94"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.36"
},
{
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex3110",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.84"
},
{
"model": "ac2600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.128"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.224"
},
{
"model": "ac2400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.40"
},
{
"model": "r6330",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.66"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "r6900v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6350",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.84"
},
{
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.128"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.128"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.134"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.152"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.106"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "rbs40v-200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6700v1",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "wn3000rpv3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "r6700v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.4"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.128"
},
{
"model": "rbs40v",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.1.6"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.58"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "wn3500rpv1",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.64"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "ex6150v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.94"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.114"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.38"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.100"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.80"
},
{
"model": "r6850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.76"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.72"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.1.44"
},
{
"model": "d6000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ac2100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbk40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"cve": "CVE-2020-35800",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-35800",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35800",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 9.4,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-015016",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35800",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35800",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-35800",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1740",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state.",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
}
],
"trust": 0.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35800",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015016",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1740",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"id": "VAR-202012-1175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4047866293478262
},
"last_update_date": "2024-11-23T22:51:09.418000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0Orbi\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0112",
"trust": 0.8,
"url": "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112"
},
{
"title": "Certain NETGEAR devices Repair measures for default configuration problems",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138265"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062733/security-advisory-for-security-misconfiguration-on-some-routers-range-extenders-and-orbi-wifi-systems-psv-2020-0112"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35800"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
},
{
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1740"
},
{
"date": "2020-12-30T00:15:14.410000",
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-07T09:06:00",
"db": "JVNDB",
"id": "JVNDB-2020-015016"
},
{
"date": "2021-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1740"
},
{
"date": "2024-11-21T05:28:08.620000",
"db": "NVD",
"id": "CVE-2020-35800"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015016"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Default configuration problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1740"
}
],
"trust": 0.6
}
}
VAR-202006-0928
Vulnerability from variot - Updated: 2024-11-23 22:47Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
There are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0928",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
}
]
},
"cve": "CVE-2020-14431",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14431",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006743",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44776",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14431",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14431",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006743",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14431",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14431",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006743",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44776",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1245",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14431"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "CNVD",
"id": "CNVD-2021-44776"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14431",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44776",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1245",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"id": "VAR-202006-0928",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
}
]
},
"last_update_date": "2024-11-23T22:47:58.932000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Admin Credential Disclosure on Some WiFi Systems, PSV-2020-0068",
"trust": 0.8,
"url": "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple NETGEAR Products (CNVD-2021-44776)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275106"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121993"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-522",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14431"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061944/security-advisory-for-admin-credential-disclosure-on-some-wifi-systems-psv-2020-0068"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14431"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
},
{
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1245"
},
{
"date": "2020-06-18T17:15:12.250000",
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44776"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006743"
},
{
"date": "2020-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1245"
},
{
"date": "2024-11-21T05:03:15.320000",
"db": "NVD",
"id": "CVE-2020-14431"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006743"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1245"
}
],
"trust": 0.6
}
}
VAR-202012-1197
Vulnerability from variot - Updated: 2024-11-23 22:47Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1197",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.52"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"cve": "CVE-2020-35798",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35798",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-35798",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2020-35798",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-35798",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35798",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35798",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-35798",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1738",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35798"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35798",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015041",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1738",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"id": "VAR-202012-1197",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3437377093333333
},
"last_update_date": "2024-11-23T22:47:44.558000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2019-0218",
"trust": 0.8,
"url": "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218"
},
{
"title": "Certain NETGEAR devices Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138119"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062715/security-advisory-for-pre-authentication-command-injection-on-some-routers-and-wifi-systems-psv-2019-0218"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35798"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
},
{
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1738"
},
{
"date": "2020-12-30T00:15:14.267000",
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T08:43:00",
"db": "JVNDB",
"id": "JVNDB-2020-015041"
},
{
"date": "2021-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1738"
},
{
"date": "2024-11-21T05:28:08.150000",
"db": "NVD",
"id": "CVE-2020-35798"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015041"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1738"
}
],
"trust": 0.6
}
}
VAR-202006-0934
Vulnerability from variot - Updated: 2024-11-23 22:41Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0934",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
}
]
},
"cve": "CVE-2020-14437",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14437",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006684",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44782",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14437",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14437",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006684",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14437",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14437",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006684",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44782",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1253",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1253"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14437"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "CNVD",
"id": "CNVD-2021-44782"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14437",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44782",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1253",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1253"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"id": "VAR-202006-0934",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
}
]
},
"last_update_date": "2024-11-23T22:41:00.813000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentification Command Injection on Some WiFi Systems, PSV-2020-0054",
"trust": 0.8,
"url": "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44782)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275021"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14437"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061940/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0054"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14437"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1253"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1253"
},
{
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1253"
},
{
"date": "2020-06-18T17:15:12.860000",
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44782"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006684"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1253"
},
{
"date": "2024-11-21T05:03:16.423000",
"db": "NVD",
"id": "CVE-2020-14437"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1253"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006684"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1253"
}
],
"trust": 0.6
}
}
VAR-202006-0587
Vulnerability from variot - Updated: 2024-11-23 22:33Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects MK62 prior to 1.0.4.92, MK63 prior to 1.0.4.92, MR60 prior to 1.0.4.92, MS60 prior to 1.0.4.92, RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBK842 prior to 3.2.15.25, RBR840 prior to 3.2.15.25, RBS840 prior to 3.2.15.25, RBK852 prior to 3.2.15.25, RBK853 prior to 3.2.15.25, RBR850 prior to 3.2.15.25, and RBS850 prior to 3.2.15.25
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0587",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mk63",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "mk62",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "mk63",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "mr60",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "ms60",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.92"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:mk62_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:mk63_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:mr60_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ms60_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
}
]
},
"cve": "CVE-2020-14429",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14429",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006746",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14429",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14429",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006746",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14429",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14429",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006746",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1243",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-14429",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-14429"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects MK62 prior to 1.0.4.92, MK63 prior to 1.0.4.92, MR60 prior to 1.0.4.92, MS60 prior to 1.0.4.92, RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBK842 prior to 3.2.15.25, RBR840 prior to 3.2.15.25, RBS840 prior to 3.2.15.25, RBK852 prior to 3.2.15.25, RBK853 prior to 3.2.15.25, RBR850 prior to 3.2.15.25, and RBS850 prior to 3.2.15.25",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14429"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "VULMON",
"id": "CVE-2020-14429"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14429",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006746",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1243",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-14429",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-14429"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"id": "VAR-202006-0587",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4097272085714286
},
"last_update_date": "2024-11-23T22:33:26.219000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Admin Credential Disclosure on Some WiFi Systems, PSV-2020-0050",
"trust": 0.8,
"url": "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121991"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-522",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000061938/security-advisory-for-admin-credential-disclosure-on-some-wifi-systems-psv-2020-0050"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14429"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14429"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-14429"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-14429"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
},
{
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-18T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14429"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1243"
},
{
"date": "2020-06-18T17:15:12.077000",
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14429"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006746"
},
{
"date": "2020-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1243"
},
{
"date": "2024-11-21T05:03:14.980000",
"db": "NVD",
"id": "CVE-2020-14429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006746"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1243"
}
],
"trust": 0.6
}
}
VAR-202006-0933
Vulnerability from variot - Updated: 2024-11-23 22:29Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
Injection vulnerabilities exist in many NETGEAR products. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0933",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
}
]
},
"cve": "CVE-2020-14436",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14436",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006741",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44781",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14436",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14436",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006741",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14436",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14436",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006741",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44781",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1252",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1252"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nInjection vulnerabilities exist in many NETGEAR products. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14436"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "CNVD",
"id": "CNVD-2021-44781"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14436",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44781",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1252",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1252"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"id": "VAR-202006-0933",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
}
]
},
"last_update_date": "2024-11-23T22:29:35.912000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Command Injection on Some WiFi Systems, PSV-2020-0039",
"trust": 0.8,
"url": "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039"
},
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44781)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275081"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-74",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14436"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061933/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0039"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14436"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1252"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1252"
},
{
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1252"
},
{
"date": "2020-06-18T17:15:12.750000",
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44781"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006741"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1252"
},
{
"date": "2024-11-21T05:03:16.207000",
"db": "NVD",
"id": "CVE-2020-14436"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006741"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1252"
}
],
"trust": 0.6
}
}
VAR-202006-0929
Vulnerability from variot - Updated: 2024-11-23 22:16Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0929",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
}
]
},
"cve": "CVE-2020-14432",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2020-14432",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006797",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-44777",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14432",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.7,
"id": "CVE-2020-14432",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006797",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14432",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14432",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-006797",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44777",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1247",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14432"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "CNVD",
"id": "CNVD-2021-44777"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14432",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44777",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1247",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"id": "VAR-202006-0929",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
}
]
},
"last_update_date": "2024-11-23T22:16:27.342000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Cross Site Request Forgery on Some WiFi Systems, PSV-2020-0049",
"trust": 0.8,
"url": "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049"
},
{
"title": "Patch for Cross-site request forgery vulnerabilities in multiple NETGEAR products (CNVD-2021-44777)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275101"
},
{
"title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121995"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14432"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061937/security-advisory-for-cross-site-request-forgery-on-some-wifi-systems-psv-2020-0049"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14432"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
},
{
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"date": "2020-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1247"
},
{
"date": "2020-06-18T17:15:12.327000",
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44777"
},
{
"date": "2020-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006797"
},
{
"date": "2020-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1247"
},
{
"date": "2024-11-21T05:03:15.507000",
"db": "NVD",
"id": "CVE-2020-14432"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site request forgery vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006797"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1247"
}
],
"trust": 0.6
}
}
VAR-202012-1195
Vulnerability from variot - Updated: 2024-11-23 22:16Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1195",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.10"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "ex3920",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.84"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.90"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.42"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "ex6920",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.48"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.84"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.134"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.106"
},
{
"model": "rx45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.84"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbs40v-200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.94"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.60"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "wnr1000v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.78"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.102"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.134"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "wn3500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.4"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.42"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.58"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "wnr2000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.114"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.62"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.50"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.124"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.62"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.98"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.16.6"
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn2200v4",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"cve": "CVE-2020-35796",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-35796",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35796",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-35796",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-35796",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35796",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35796",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-35796",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1747",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35796"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35796",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015040",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1747",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"id": "VAR-202012-1195",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4478068748749998
},
"last_update_date": "2024-11-23T22:16:10.698000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0201",
"trust": 0.8,
"url": "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201"
},
{
"title": "Certain NETGEAR devices Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138126"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062717/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-range-extenders-and-wifi-systems-psv-2020-0201"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35796"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
},
{
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1747"
},
{
"date": "2020-12-30T00:15:14.160000",
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T08:43:00",
"db": "JVNDB",
"id": "JVNDB-2020-015040"
},
{
"date": "2021-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1747"
},
{
"date": "2024-11-21T05:28:07.700000",
"db": "NVD",
"id": "CVE-2020-35796"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015040"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1747"
}
],
"trust": 0.6
}
}
VAR-202006-0584
Vulnerability from variot - Updated: 2024-11-23 22:11Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
There are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials. This affects RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBK852 prior to 3.2.10.11, RBK853 prior to 3.2.10.11, RBR850 prior to 3.2.10.11, RBS850 prior to 3.2.10.11, RBK842 prior to 3.2.10.11, RBR840 prior to 3.2.10.11, and RBS840 prior to 3.2.10.11
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0584",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.10.11"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
}
]
},
"cve": "CVE-2020-14426",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14426",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006747",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44773",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14426",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14426",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006747",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14426",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14426",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006747",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44773",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1239",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-14426",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "VULMON",
"id": "CVE-2020-14426"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials. This affects RBK752 prior to 3.2.15.25, RBK753 prior to 3.2.15.25, RBK753S prior to 3.2.15.25, RBR750 prior to 3.2.15.25, RBS750 prior to 3.2.15.25, RBK852 prior to 3.2.10.11, RBK853 prior to 3.2.10.11, RBR850 prior to 3.2.10.11, RBS850 prior to 3.2.10.11, RBK842 prior to 3.2.10.11, RBR840 prior to 3.2.10.11, and RBS840 prior to 3.2.10.11",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14426"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "VULMON",
"id": "CVE-2020-14426"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14426",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44773",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1239",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-14426",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "VULMON",
"id": "CVE-2020-14426"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"id": "VAR-202006-0584",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
}
]
},
"last_update_date": "2024-11-23T22:11:28.237000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Admin Credential Disclosure on Some Wifi Systems, PSV-2020-0033",
"trust": 0.8,
"url": "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple NETGEAR Products (CNVD-2021-44773)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275071"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121988"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-522",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14426"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000061931/security-advisory-for-admin-credential-disclosure-on-some-wifi-systems-psv-2020-0033"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14426"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "VULMON",
"id": "CVE-2020-14426"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"db": "VULMON",
"id": "CVE-2020-14426"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
},
{
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"date": "2020-06-18T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14426"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1239"
},
{
"date": "2020-06-18T17:15:11.813000",
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44773"
},
{
"date": "2021-07-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-14426"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006747"
},
{
"date": "2020-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1239"
},
{
"date": "2024-11-21T05:03:14.453000",
"db": "NVD",
"id": "CVE-2020-14426"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006747"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1239"
}
],
"trust": 0.6
}
}
VAR-202006-0936
Vulnerability from variot - Updated: 2024-11-23 22:05Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0936",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
}
]
},
"cve": "CVE-2020-14439",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14439",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006686",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44784",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14439",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14439",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006686",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14439",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14439",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006686",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44784",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1256",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1256"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary Shell commands on the system by sending a specially crafted request",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14439"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "CNVD",
"id": "CNVD-2021-44784"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14439",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44784",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1256",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1256"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"id": "VAR-202006-0936",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
}
]
},
"last_update_date": "2024-11-23T22:05:37.103000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentification Command Injection on Some WiFi Systems, PSV-2020-0064",
"trust": 0.8,
"url": "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44784)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275031"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14439"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061942/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0064"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14439"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1256"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1256"
},
{
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1256"
},
{
"date": "2020-06-18T17:15:13.047000",
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44784"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006686"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1256"
},
{
"date": "2024-11-21T05:03:16.763000",
"db": "NVD",
"id": "CVE-2020-14439"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1256"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006686"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1256"
}
],
"trust": 0.6
}
}
VAR-202006-0930
Vulnerability from variot - Updated: 2024-11-23 21:59Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
Injection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0930",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
}
]
},
"cve": "CVE-2020-14433",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2020-14433",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006744",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-44778",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2020-14433",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.7,
"id": "CVE-2020-14433",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006744",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14433",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14433",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-006744",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-44778",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1248",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nInjection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14433"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "CNVD",
"id": "CNVD-2021-44778"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14433",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44778",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1248",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"id": "VAR-202006-0930",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
}
]
},
"last_update_date": "2024-11-23T21:59:12.224000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Command Injection on Some WiFi Systems, PSV-2020-0035",
"trust": 0.8,
"url": "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035"
},
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44778)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275096"
},
{
"title": "Multiple NETGEAR Product Command Injection Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121996"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-74",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14433"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061932/security-advisory-for-post-authentication-command-injection-on-some-wifi-systems-psv-2020-0035"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14433"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
},
{
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1248"
},
{
"date": "2020-06-18T17:15:12.453000",
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44778"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006744"
},
{
"date": "2020-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1248"
},
{
"date": "2024-11-21T05:03:15.677000",
"db": "NVD",
"id": "CVE-2020-14433"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1248"
}
],
"trust": 0.6
}
}
VAR-202006-0585
Vulnerability from variot - Updated: 2024-11-23 21:51Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
There are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0585",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
}
]
},
"cve": "CVE-2020-14427",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14427",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006748",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44774",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14427",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14427",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006748",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14427",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14427",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006748",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44774",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1240",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "CNVD",
"id": "CNVD-2021-44774"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14427",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44774",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1240",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"id": "VAR-202006-0585",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
}
]
},
"last_update_date": "2024-11-23T21:51:28.138000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Admin Credential Disclosure on Some WiFi Systems, PSV-2020-0042",
"trust": 0.8,
"url": "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple NETGEAR Products (CNVD-2021-44774)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275076"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121989"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-522",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14427"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061935/security-advisory-for-admin-credential-disclosure-on-some-wifi-systems-psv-2020-0042"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14427"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
},
{
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1240"
},
{
"date": "2020-06-18T17:15:11.920000",
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44774"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006748"
},
{
"date": "2020-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1240"
},
{
"date": "2024-11-21T05:03:14.637000",
"db": "NVD",
"id": "CVE-2020-14427"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006748"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1240"
}
],
"trust": 0.6
}
}
VAR-202006-0586
Vulnerability from variot - Updated: 2024-11-23 21:35Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR.
There are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0586",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr850_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs850_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
}
]
},
"cve": "CVE-2020-14428",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14428",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006749",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-62723",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14428",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14428",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006749",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14428",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14428",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006749",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-62723",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1241",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to obtain management credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14428"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "CNVD",
"id": "CNVD-2021-62723"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14428",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-62723",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1241",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"id": "VAR-202006-0586",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
}
]
},
"last_update_date": "2024-11-23T21:35:44.493000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Admin Credential Disclosure on Some WiFi Systems, PSV-2020-0044",
"trust": 0.8,
"url": "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple NETGEAR Products (CNVD-2021-62723)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275116"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121990"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-522",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14428"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061936/security-advisory-for-admin-credential-disclosure-on-some-wifi-systems-psv-2020-0044"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14428"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
},
{
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1241"
},
{
"date": "2020-06-18T17:15:12",
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-62723"
},
{
"date": "2020-07-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006749"
},
{
"date": "2020-06-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1241"
},
{
"date": "2024-11-21T05:03:14.810000",
"db": "NVD",
"id": "CVE-2020-14428"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006749"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1241"
}
],
"trust": 0.6
}
}
VAR-202006-0901
Vulnerability from variot - Updated: 2024-11-23 21:35Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary shell commands with the help of specially crafted requests
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0901",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbk752",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk752",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk753s",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk842",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk852",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbk853",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbr840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs750",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
},
{
"model": "rbs840",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "3.2.15.25"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:rbk752_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk753s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk842_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk852_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk853_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr840_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs750_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs840_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
}
]
},
"cve": "CVE-2020-14442",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2020-14442",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006683",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-44787",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14442",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-14442",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006683",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14442",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-14442",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-006683",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-44787",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-1266",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1266"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR RBK752, etc. are all home WiFi systems of NETGEAR. Attackers can use this vulnerability to execute arbitrary shell commands with the help of specially crafted requests",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "CNVD",
"id": "CNVD-2021-44787"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14442",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-44787",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1266",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1266"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"id": "VAR-202006-0901",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
}
],
"trust": 1.0097272085714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
}
]
},
"last_update_date": "2024-11-23T21:35:44.296000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentification Command Injection on Some WiFi Systems, PSV-2020-0103",
"trust": 0.8,
"url": "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-44787)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275066"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-78",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14442"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061947/security-advisory-for-pre-authentication-command-injection-on-some-wifi-systems-psv-2020-0103"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-14442"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1266"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-1266"
},
{
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"date": "2020-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1266"
},
{
"date": "2020-06-18T17:15:13.327000",
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-44787"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006683"
},
{
"date": "2020-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-1266"
},
{
"date": "2024-11-21T05:03:17.260000",
"db": "NVD",
"id": "CVE-2020-14442"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1266"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006683"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-1266"
}
],
"trust": 0.6
}
}