Search

Find a vulnerability

Search criteria

    26 vulnerabilities found for dm200 by netgear

    VAR-202004-0777

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R7500 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0777",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "rbk50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.40"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbs50_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wayne Low of Fortinets FortiGuard Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20715",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20715",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015317",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-30686",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20715",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20715",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015317",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20715",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20715",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015317",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30686",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1299",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R7500 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20715",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "id": "VAR-202004-0777",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          }
        ],
        "trust": 1.0532386472727273
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:03.159000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi Systems, PSV-2018-0248",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061213/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0248"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-30686)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219485"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116568"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20715"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061213/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-systems-psv-2018-0248"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20715"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "date": "2020-04-16T19:15:24.823000",
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "date": "2024-11-21T04:39:10.023000",
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0798

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7800 before 1.0.2.58, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0798",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.58"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbk20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbs20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          }
        ]
      },
      "cve": "CVE-2019-20752",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20752",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015457",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20752",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20752",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015457",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20752",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20752",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015457",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1363",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7800 before 1.0.2.58, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20752",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1363",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "id": "VAR-202004-0798",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.32658418937499994
      },
      "last_update_date": "2024-11-23T23:08:03.130000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Site Stored Cross Scripting on Some Gateways, Routers, and WiFi Systems, PSV-2018-0250",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060967/Security-Advisory-for-Site-Stored-Cross-Scripting-on-Some-Gateways-Routers-and-WiFi-Systems-PSV-2018-0250"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060967/security-advisory-for-site-stored-cross-scripting-on-some-gateways-routers-and-wifi-systems-psv-2018-0250"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20752"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20752"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          },
          {
            "date": "2020-04-16T22:15:12.727000",
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          },
          {
            "date": "2024-11-21T04:39:16.207000",
            "db": "NVD",
            "id": "CVE-2019-20752"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015457"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1363"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1581

    Vulnerability from variot - Updated: 2024-11-23 23:07

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1581",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          }
        ]
      },
      "cve": "CVE-2018-21145",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21145",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016319",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-67652",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21145",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21145",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016319",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21145",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21145",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016319",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-67652",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1844",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21145",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21145"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21145",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21145",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "id": "VAR-202004-1581",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          }
        ],
        "trust": 1.1820485261538463
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:07:58.476000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Gateways and Routers, PSV-2017-3160",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059488/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3160"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-67652)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/289176"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116320"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21145"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059488/security-advisory-for-post-authentication-stack-overflow-on-some-gateways-and-routers-psv-2017-3160"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21145"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21145"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          },
          {
            "date": "2020-04-21T22:15:14.197000",
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67652"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21145"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          },
          {
            "date": "2024-11-21T04:03:00.650000",
            "db": "NVD",
            "id": "CVE-2018-21145"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016319"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1844"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2309

    Vulnerability from variot - Updated: 2024-11-23 23:00

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR20 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBR50 prior to 2.3.0.32, RBS20 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.56, and XR500 prior to 2.3.2.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2309",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "dgn2200bv4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "xr450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.53"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "cve": "CVE-2021-45640",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45640",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2021-45640",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.5,
                "id": "CVE-2021-45640",
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45640",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45640",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45640",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45640",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2436",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR20 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBR50 prior to 2.3.0.32, RBS20 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.56, and XR500 prior to 2.3.2.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45640",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45640",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "id": "VAR-202112-2309",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.43955887916666675
      },
      "last_update_date": "2024-11-23T23:00:59.703000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0228",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176674"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064045/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0228"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45640"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "date": "2023-01-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "date": "2021-12-26T01:15:19.643000",
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "date": "2023-01-24T05:26:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "date": "2022-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "date": "2024-11-21T06:32:45.090000",
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0784

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0784",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "rbk20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbs20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20722",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20722",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015387",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-61055",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20722",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20722",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015387",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20722",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20722",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015387",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-61055",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1306",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20722",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "id": "VAR-202004-0784",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          }
        ],
        "trust": 1.0507588705263158
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:19.170000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Command Injection on Some Routers, Gateways, and WiFi Systems, PSV-2018-0148",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061206/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0148"
          },
          {
            "title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-61055)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/285381"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116573"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-74",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20722"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061206/security-advisory-for-post-authentication-command-injection-on-some-routers-gateways-and-wifi-systems-psv-2018-0148"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20722"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          },
          {
            "date": "2020-04-16T19:15:25.277000",
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61055"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          },
          {
            "date": "2020-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          },
          {
            "date": "2024-11-21T04:39:11.107000",
            "db": "NVD",
            "id": "CVE-2019-20722"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015387"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1306"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1198

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1198",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "xr450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.140"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.140"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.78"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.186"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "xr500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.078"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6150v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dm200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6100v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex2700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "cve": "CVE-2020-35799",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-35799",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-35799",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-35799",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-35799",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35799",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35799",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35799",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1741",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35799",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "id": "VAR-202012-1198",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.447916488139535
      },
      "last_update_date": "2024-11-23T22:58:05.562000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0296",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296"
          },
          {
            "title": "Certain NETGEAR devices Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138121"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062709/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-range-extenders-and-wifi-systems-psv-2018-0296"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35799"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "date": "2020-12-30T00:15:14.347000",
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T09:06:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "date": "2024-11-21T05:28:08.360000",
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0800

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0800",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "rbw30",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.1.2.6"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.116"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.116"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.26"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "jndr3000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dgnd2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "jndr3000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "rbk50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "rbr50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.48"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "dgnd2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.24"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          }
        ]
      },
      "cve": "CVE-2019-20728",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20728",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015430",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-67656",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20728",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20728",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015430",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20728",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20728",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015430",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-67656",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1339",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20728",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "id": "VAR-202004-0800",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          }
        ],
        "trust": 1.131329496931818
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:27.214000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Gateways, and WiFi Systems, PSV-2017-315",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-67656)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/289181"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114877"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20728"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061199/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-gateways-and-wifi-systems-psv-2017-315"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20728"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          },
          {
            "date": "2020-04-16T20:15:13.210000",
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67656"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          },
          {
            "date": "2024-11-21T04:39:12.090000",
            "db": "NVD",
            "id": "CVE-2019-20728"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015430"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1339"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1642

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.52, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.4.2, R9000 before 1.0.3.16, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.52, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.42, R8900 prior to 1.0.4.2, R9000 prior to 1.0.3.16, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1642",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.3.26"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.0.54"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.31"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.1"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          }
        ]
      },
      "cve": "CVE-2018-21155",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2018-21155",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016396",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-28143",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21155",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2018-21155",
                "impactScore": 3.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016396",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21155",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21155",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016396",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28143",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2204",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21155",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.52, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.4.2, R9000 before 1.0.3.16, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.52, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.42, R8900 prior to 1.0.4.2, R9000 prior to 1.0.3.16, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21155",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "id": "VAR-202004-1642",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          }
        ],
        "trust": 1.2066003666666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:26.065000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross-Site Scripting on Some Gateways and Routers, PSV-2017-3101",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Gateways-and-Routers-PSV-2017-3101"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-28143)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217441"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117299"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21155"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059478/security-advisory-for-stored-cross-site-scripting-on-some-gateways-and-routers-psv-2017-3101"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21155"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          },
          {
            "date": "2020-04-27T18:15:12.357000",
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28143"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21155"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          },
          {
            "date": "2020-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          },
          {
            "date": "2024-11-21T04:03:02.177000",
            "db": "NVD",
            "id": "CVE-2018-21155"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016396"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2204"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1175

    Vulnerability from variot - Updated: 2024-11-23 22:51

    plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1175",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rax40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.80"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "ex3920",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.90"
          },
          {
            "model": "ms60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.94"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.42"
          },
          {
            "model": "r7400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "ex6920",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "r7350",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "mk62",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "rbk12",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.44"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "cbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.10"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.152"
          },
          {
            "model": "rax120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.136"
          },
          {
            "model": "rbs10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.44"
          },
          {
            "model": "ex6410",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "rbs750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "rbs50y",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "wnr1000v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.78"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.24"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.134"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.24"
          },
          {
            "model": "eax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "r6400v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.74"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "ac2100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.58"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.42"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "ex7700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.210"
          },
          {
            "model": "wnr2000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.64"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.24"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex6110",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "ex6200v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.94"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.36"
          },
          {
            "model": "xr700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "ex3110",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.66"
          },
          {
            "model": "rbr840",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.62"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.98"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ac2600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "ex6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.224"
          },
          {
            "model": "ac2400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "cbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.10"
          },
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.64"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "r6330",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "rbk852",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "xr450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.66"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.0.48"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "r6350",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ex6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "ex7320",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.134"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.152"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.106"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.98"
          },
          {
            "model": "rbs40v-200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.60"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "mr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "eax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6700v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "rbk842",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "rbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r7200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "rbw30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.4"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "ex7300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "rbs40v",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.6"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.58"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "wn3500rpv1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.64"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.94"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.64"
          },
          {
            "model": "rbk752",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "rax35",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.80"
          },
          {
            "model": "r6850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "rbs840",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.62"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "rbr10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.44"
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ac2600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ac2400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ac2100",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbk40",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbr40",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "cve": "CVE-2020-35800",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 9.7,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-35800",
                "impactScore": 9.5,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "LOW",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-35800",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "Low",
                "baseScore": 9.4,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-015016",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35800",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35800",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35800",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1740",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state.",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          }
        ],
        "trust": 0.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35800",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "id": "VAR-202012-1175",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4047866293478262
      },
      "last_update_date": "2024-11-23T22:51:09.418000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0Orbi\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0112",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112"
          },
          {
            "title": "Certain NETGEAR devices Repair measures for default configuration problems",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138265"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062733/security-advisory-for-security-misconfiguration-on-some-routers-range-extenders-and-orbi-wifi-systems-psv-2020-0112"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35800"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "date": "2020-12-30T00:15:14.410000",
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T09:06:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "date": "2024-11-21T05:28:08.620000",
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Default configuration problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1640

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.62, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv2 before 1.0.0.56, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.62, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.40, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv2 prior to 1.0.0.56, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1640",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          }
        ]
      },
      "cve": "CVE-2018-21153",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-21153",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016401",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-21153",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21153",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016401",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21153",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21153",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016401",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2201",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21153",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21153"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.62, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv2 before 1.0.0.56, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.62, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.40, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv2 prior to 1.0.0.56, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21153"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21153",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21153",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21153"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "id": "VAR-202004-1640",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.38514334
      },
      "last_update_date": "2024-11-23T22:48:01.294000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Gateways, Routers, and Extenders, PSV-2017-3136",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059480/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-3136"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117718"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059480/security-advisory-for-pre-authentication-buffer-overflow-on-some-gateways-routers-and-extenders-psv-2017-3136"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21153"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21153"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21153"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21153"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21153"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          },
          {
            "date": "2020-04-27T18:15:12.230000",
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21153"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          },
          {
            "date": "2024-11-21T04:03:01.853000",
            "db": "NVD",
            "id": "CVE-2018-21153"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016401"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2201"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2308

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, and XR500 prior to 2.3.2.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2308",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "dgn2200bv4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.53"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "cve": "CVE-2021-45641",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45641",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45641",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2021-45641",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45641",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45641",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45641",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45641",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2437",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, and XR500 prior to 2.3.2.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45641",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45641",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "id": "VAR-202112-2308",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42809713404255323
      },
      "last_update_date": "2024-11-23T22:44:07.304000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0624",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176675"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064053/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0624"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45641"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "date": "2023-01-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "date": "2021-12-26T01:15:19.690000",
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "date": "2023-01-24T05:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "date": "2022-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "date": "2024-11-21T06:32:45.310000",
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1585

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.0.54, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.0.54, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1585",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.0.54"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          }
        ]
      },
      "cve": "CVE-2018-21149",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21149",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016399",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-48933",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21149",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21149",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016399",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21149",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21149",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016399",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-48933",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2202",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21149",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.0.54, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.0.54, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21149"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21149",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21149",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "id": "VAR-202004-1585",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          }
        ],
        "trust": 1.20606618
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:06.490000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Gateways and Routers, PSV-2017-3156",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059484/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3156"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-48933)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/277386"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117297"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21149"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059484/security-advisory-for-post-authentication-stack-overflow-on-some-gateways-and-routers-psv-2017-3156"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21149"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21149"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21149"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          },
          {
            "date": "2020-04-27T18:15:12.107000",
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-48933"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21149"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          },
          {
            "date": "2020-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          },
          {
            "date": "2024-11-21T04:03:01.247000",
            "db": "NVD",
            "id": "CVE-2018-21149"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016399"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2202"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1669

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1669",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.34 1.0.70"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          }
        ]
      },
      "cve": "CVE-2018-21167",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2018-21167",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016392",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2018-21167",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2018-21167",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016392",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21167",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21167",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016392",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2209",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21167",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21167",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21167",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "id": "VAR-202004-1669",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3957455253846154
      },
      "last_update_date": "2024-11-23T22:41:06.396000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross-Site Scripting on Routers, Gateways, Extenders, and DSL Modems, PSV-2017-3093",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117304"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055191/security-advisory-for-stored-cross-site-scripting-on-routers-gateways-extenders-and-dsl-modems-psv-2017-3093"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21167"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21167"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "date": "2020-04-27T18:15:12.670000",
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "date": "2024-11-21T04:03:04.040000",
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2400

    Vulnerability from variot - Updated: 2024-11-23 22:40

    Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.60, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.86, EX6250 prior to 1.0.0.128, EX6400 prior to 1.0.2.144, EX6400v2 prior to 1.0.0.128, EX6410 prior to 1.0.0.128, EX6420 prior to 1.0.0.128, EX7300 prior to 1.0.2.144, EX7300v2 prior to 1.0.0.128, EX7320 prior to 1.0.0.128, R7500v2 prior to 1.0.3.46, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.26, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.128, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.74, XR500 prior to 2.3.2.66, RBK20 prior to 2.7.3.22, RBR20 prior to 2.7.3.22, RBS20 prior to 2.7.3.22, RBK40 prior to 2.7.3.22, RBR40 prior to 2.7.3.22, and RBS40 prior to 2.7.3.22

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2400",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.7.3.22"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.86"
          },
          {
            "model": "ex6410",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex7300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "rax120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.128"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.7.3.22"
          },
          {
            "model": "ex6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.86"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.7.3.22"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.7.3.22"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.7.3.22"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.80"
          },
          {
            "model": "ex7320",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "model": "ex6420",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.46"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.74"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.66"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.2"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.26"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.7.3.22"
          },
          {
            "model": "ex6250",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6150v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6410",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6400v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex2700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6420",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dm200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "cve": "CVE-2021-45548",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45548",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45548",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2021-45548",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45548",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45548",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45548",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45548",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2364",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.60, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.86, EX6250 prior to 1.0.0.128, EX6400 prior to 1.0.2.144, EX6400v2 prior to 1.0.0.128, EX6410 prior to 1.0.0.128, EX6420 prior to 1.0.0.128, EX7300 prior to 1.0.2.144, EX7300v2 prior to 1.0.0.128, EX7320 prior to 1.0.0.128, R7500v2 prior to 1.0.3.46, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.26, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.128, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.74, XR500 prior to 2.3.2.66, RBK20 prior to 2.7.3.22, RBR20 prior to 2.7.3.22, RBS20 prior to 2.7.3.22, RBK40 prior to 2.7.3.22, RBR40 prior to 2.7.3.22, and RBS40 prior to 2.7.3.22",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45548"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45548",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "id": "VAR-202112-2400",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.43956583190476195
      },
      "last_update_date": "2024-11-23T22:40:38.041000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2019-0207",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176377"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Command injection (CWE-77) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064450/security-advisory-for-post-authentication-command-injection-on-some-routers-extenders-and-wifi-systems-psv-2019-0207"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45548"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45548"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45548"
          },
          {
            "date": "2023-01-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          },
          {
            "date": "2021-12-26T01:15:15.273000",
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45548"
          },
          {
            "date": "2023-01-13T05:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          },
          {
            "date": "2022-01-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          },
          {
            "date": "2024-11-21T06:32:29.167000",
            "db": "NVD",
            "id": "CVE-2021-45548"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017289"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2364"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0776

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 before 2.3.0.22, RBR50 before 2.3.0.22, RBS50 before 2.3.0.22, RBS40 before 2.3.0.22, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0776",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.34"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbk20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbr20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wayne Low of Fortinets FortiGuard Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20714",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20714",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015414",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-30685",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20714",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20714",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015414",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20714",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20714",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015414",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30685",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1298",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 before 2.3.0.22, RBR50 before 2.3.0.22, RBS50 before 2.3.0.22, RBS40 before 2.3.0.22, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20714",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "id": "VAR-202004-0776",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          }
        ],
        "trust": 1.1352816739130436
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.538000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi System, PSV-2018-0249",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061214/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2018-0249"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-30685)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219487"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116567"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20714"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061214/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-system-psv-2018-0249"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20714"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "date": "2020-04-16T19:15:24.777000",
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "date": "2024-11-21T04:39:09.837000",
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0797

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0797",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.72"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          }
        ]
      },
      "cve": "CVE-2019-20751",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20751",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015366",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-66985",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20751",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20751",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015366",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20751",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20751",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015366",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-66985",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1362",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20751",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "id": "VAR-202004-0797",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          }
        ],
        "trust": 1.2212749289999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.511000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Extenders, Gateways, and Routers, PSV-2018-0171",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060964/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Extenders-Gateways-and-Routers-PSV-2018-0171"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-66985)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/288721"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115006"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20751"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060964/security-advisory-for-post-authentication-stack-overflow-on-some-extenders-gateways-and-routers-psv-2018-0171"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20751"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "date": "2020-04-16T21:15:13.067000",
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "date": "2024-11-21T04:39:16.010000",
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0919

    Vulnerability from variot - Updated: 2024-11-23 22:33

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6200 before 1.1.00.32, D7000 before 1.0.1.68, DM200 before 1.0.0.58, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0919",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.36"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Mongo",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20685",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-20685",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015393",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-57174",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20685",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20685",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015393",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20685",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20685",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015393",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-57174",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1269",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6200 before 1.1.00.32, D7000 before 1.0.1.68, DM200 before 1.0.0.58, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20685",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "id": "VAR-202004-0919",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          }
        ],
        "trust": 1.023677785
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:28.999000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Modems, PSV-2018-0295",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061454/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Modems-PSV-2018-0295"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-57174)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/283651"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20685"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061454/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-modems-psv-2018-0295"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20685"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          },
          {
            "date": "2020-04-16T19:15:23.073000",
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57174"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          },
          {
            "date": "2024-11-21T04:39:04.647000",
            "db": "NVD",
            "id": "CVE-2019-20685"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015393"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1269"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1641

    Vulnerability from variot - Updated: 2024-11-23 22:29

    Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, and R7800 before 1.0.2.42. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR DM200 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the process of constructing operating system executable commands from external input data. The network system or product does not properly filter the special characters and commands. The attacker can use this vulnerability to execute Illegal operating system command. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, and R7800 prior to 1.0.2.42

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1641",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.3.26"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.26"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          }
        ]
      },
      "cve": "CVE-2018-21154",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21154",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016395",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2020-28142",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21154",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21154",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016395",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21154",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21154",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016395",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28142",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2200",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21154",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, and R7800 before 1.0.2.42. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR DM200 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the process of constructing operating system executable commands from external input data. The network system or product does not properly filter the special characters and commands. The attacker can use this vulnerability to execute Illegal operating system command. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, and R7800 prior to 1.0.2.42",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21154"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21154",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21154",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "id": "VAR-202004-1641",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          }
        ],
        "trust": 1.1459917733333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:29:38.733000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Command Injection on Some Gateways and Routers, PSV-2017-3133",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3133"
          },
          {
            "title": "Patch for Multiple NETGEAR product operating system command injection vulnerabilities (CNVD-2020-28142)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217443"
          },
          {
            "title": "Multiple NETGEAR Product operating system command injection vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117717"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21154"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059479/security-advisory-for-post-authentication-command-injection-on-some-gateways-and-routers-psv-2017-3133"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21154"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21154"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          },
          {
            "date": "2020-04-27T18:15:12.277000",
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28142"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21154"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          },
          {
            "date": "2020-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          },
          {
            "date": "2024-11-21T04:03:02.020000",
            "db": "NVD",
            "id": "CVE-2018-21154"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR On the device  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016395"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2200"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1584

    Vulnerability from variot - Updated: 2024-11-23 22:21

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1584",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.3.26"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          }
        ]
      },
      "cve": "CVE-2018-21148",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21148",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016315",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-67653",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21148",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21148",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016315",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21148",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21148",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016315",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-67653",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1849",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21148",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "id": "VAR-202004-1584",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          }
        ],
        "trust": 1.2363687815384616
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:12.528000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Command Injection on Some Routers and Modem Routers, PSV-2018-0033",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059485/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3157"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-67653)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/289186"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117220"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21148"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000059485/security-advisory-for-post-authentication-stack-overflow-on-some-gateways-and-routers-psv-2017-3157"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21148"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          },
          {
            "date": "2020-04-21T22:15:14.367000",
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67653"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          },
          {
            "date": "2024-11-21T04:03:01.090000",
            "db": "NVD",
            "id": "CVE-2018-21148"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016315"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1849"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1580

    Vulnerability from variot - Updated: 2024-11-23 22:16

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DM200 before 1.0.0.52, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.16, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects DM200 prior to 1.0.0.52, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.16, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1580",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          }
        ]
      },
      "cve": "CVE-2018-21144",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21144",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016318",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-59166",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21144",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21144",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016318",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21144",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21144",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016318",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-59166",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1841",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21144",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DM200 before 1.0.0.52, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.16, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects DM200 prior to 1.0.0.52, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.16, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21144"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21144",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21144",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "id": "VAR-202004-1580",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          }
        ],
        "trust": 1.2320233489999999
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:16:30.135000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, PSV-2017-3166",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059489/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2017-3166"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-59166)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/284406"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116317"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21144"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059489/security-advisory-for-post-authentication-stack-overflow-on-some-routers-psv-2017-3166"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21144"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21144"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          },
          {
            "date": "2020-04-21T21:15:12.867000",
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-59166"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21144"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          },
          {
            "date": "2024-11-21T04:03:00.497000",
            "db": "NVD",
            "id": "CVE-2018-21144"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016318"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1841"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1586

    Vulnerability from variot - Updated: 2024-11-23 22:11

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1586",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          }
        ]
      },
      "cve": "CVE-2018-21150",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21150",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016309",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-52952",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21150",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21150",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016309",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21150",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21150",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016309",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-52952",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1946",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21150",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.34, DM200 prior to 1.0.0.50, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21150"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21150",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21150",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "id": "VAR-202004-1586",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          }
        ],
        "trust": 1.2363687815384616
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:11:30.129000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Gateways and Routers, PSV-2017-3155",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000059483/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3155"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-52952)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/280061"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116715"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21150"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000059483/security-advisory-for-post-authentication-stack-overflow-on-some-gateways-and-routers-psv-2017-3155"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21150"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21150"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          },
          {
            "date": "2020-04-22T20:15:11.107000",
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-52952"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21150"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          },
          {
            "date": "2024-11-21T04:03:01.397000",
            "db": "NVD",
            "id": "CVE-2018-21150"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016309"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1946"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2291

    Vulnerability from variot - Updated: 2024-11-23 22:10

    Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. plural NETGEAR The device has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.58, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6100v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.78, EX6250 prior to 1.0.0.110, EX6410 prior to 1.0.0.110, EX6420 prior to 1.0.0.110, EX6400v2 prior to 1.0.0.110, EX7300 prior to 1.0.2.144, EX6400 prior to 1.0.2.144, EX7320 prior to 1.0.0.110, EX7300v2 prior to 1.0.0.110, R7500v2 prior to 1.0.3.48, R7800 prior to 1.0.2.68, R8900 prior to 1.0.5.2, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.90, RBK40 prior to 2.5.1.16, RBK20 prior to 2.5.1.16, RBR20 prior to 2.5.1.16, RBS20 prior to 2.5.1.16, RBK50 prior to 2.5.1.16, RBR50 prior to 2.5.1.16, RBS50 prior to 2.5.1.16, RBS50Y prior to 2.6.1.40, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.72, XR500 prior to 2.3.2.56, and XR700 prior to 1.0.1.20

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2291",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "model": "ex6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "ex6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.86"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.58"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.86"
          },
          {
            "model": "ex6420",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "ex7320",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "rbs50y",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.80"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.2"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.68"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.2"
          },
          {
            "model": "rax120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.90"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "xr700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex6410",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "ex7300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex2700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6150v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6100v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6400v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dm200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6250",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6420",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6410",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "cve": "CVE-2021-45658",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-45658",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45658",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2021-45658",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45658",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45658",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45658",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45658",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2454",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. plural NETGEAR The device has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.58, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6100v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.78, EX6250 prior to 1.0.0.110, EX6410 prior to 1.0.0.110, EX6420 prior to 1.0.0.110, EX6400v2 prior to 1.0.0.110, EX7300 prior to 1.0.2.144, EX6400 prior to 1.0.2.144, EX7320 prior to 1.0.0.110, EX7300v2 prior to 1.0.0.110, R7500v2 prior to 1.0.3.48, R7800 prior to 1.0.2.68, R8900 prior to 1.0.5.2, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.90, RBK40 prior to 2.5.1.16, RBK20 prior to 2.5.1.16, RBR20 prior to 2.5.1.16, RBS20 prior to 2.5.1.16, RBK50 prior to 2.5.1.16, RBR50 prior to 2.5.1.16, RBS50 prior to 2.5.1.16, RBS50Y prior to 2.6.1.40, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.72, XR500 prior to 2.3.2.56, and XR700 prior to 1.0.1.20",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45658"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45658",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45658",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "id": "VAR-202112-2291",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4233103683333333
      },
      "last_update_date": "2024-11-23T22:10:56.853000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Server\u00a0Side\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2019-0125",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176216"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.0
          },
          {
            "problemtype": "injection (CWE-74) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064062/security-advisory-for-server-side-injection-on-some-routers-extenders-and-wifi-systems-psv-2019-0125"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45658"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45658"
          },
          {
            "date": "2023-01-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          },
          {
            "date": "2021-12-26T01:15:20.467000",
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45658"
          },
          {
            "date": "2023-01-25T01:41:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          },
          {
            "date": "2022-01-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          },
          {
            "date": "2024-11-21T06:32:48.427000",
            "db": "NVD",
            "id": "CVE-2021-45658"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Device Injection Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017535"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2454"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0785

    Vulnerability from variot - Updated: 2024-11-23 21:59

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0785",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.72"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20723",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20723",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015409",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-61056",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20723",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20723",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015409",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20723",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20723",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015409",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-61056",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1307",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20723",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "id": "VAR-202004-0785",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          }
        ],
        "trust": 1.1791139654166667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:59:21.256000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2018-0146",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061205/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0146"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61056)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/285371"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114817"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20723"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061205/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2018-0146"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20723"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "date": "2020-04-16T19:15:25.337000",
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "date": "2024-11-21T04:39:11.273000",
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0792

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Certain NETGEAR devices are affected by reflected XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7800 before 1.0.2.58, R8900 before 1.0.4.12, R9000 before 1.0.4.8, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D7800 prior to 1.0.1.44, DM200 prior to 1.0.0.58, R7800 prior to 1.0.2.58, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.8, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.68, WN3000RPv3 prior to 1.0.2.70, WN3100RPv2 prior to 1.0.0.60, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, and WNR2000v5 prior to 1.0.0.68

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0792",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.58"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.58"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "rbk20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbs20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          }
        ]
      },
      "cve": "CVE-2019-20746",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20746",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015368",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20746",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.2,
                "id": "CVE-2019-20746",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015368",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20746",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20746",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015368",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1357",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-20746",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20746"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by reflected XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7800 before 1.0.2.58, R8900 before 1.0.4.12, R9000 before 1.0.4.8, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D7800 prior to 1.0.1.44, DM200 prior to 1.0.0.58, R7800 prior to 1.0.2.58, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.8, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.68, WN3000RPv3 prior to 1.0.2.70, WN3100RPv2 prior to 1.0.0.60, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, and WNR2000v5 prior to 1.0.0.68",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20746"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20746",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20746",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20746"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "id": "VAR-202004-0792",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.326584189375
      },
      "last_update_date": "2024-11-23T21:35:58.882000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Reflected Cross Site Scripting on Some Routers, Gateways, and WiFi Systems, PSV-2018-0252",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060973/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0252"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114945"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000060973/security-advisory-for-reflected-cross-site-scripting-on-some-routers-gateways-and-wifi-systems-psv-2018-0252"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20746"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20746"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20746"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20746"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20746"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          },
          {
            "date": "2020-04-16T21:15:12.767000",
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20746"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          },
          {
            "date": "2024-11-21T04:39:15.160000",
            "db": "NVD",
            "id": "CVE-2019-20746"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015368"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1357"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1337

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1337",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "wn3000rpv2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "wnr2000v5",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dm200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r8900",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6100",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r9000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "cve": "CVE-2020-35808",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2020-35808",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2020-35808",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2020-35808",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2020-35808",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35808",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35808",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35808",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1793",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35808",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "id": "VAR-202012-1337",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5452757871428571
      },
      "last_update_date": "2024-11-23T21:35:01.467000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Stored\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Range\u00a0Extenders,\u00a0PSV-2018-0158",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158"
          },
          {
            "title": "Certain NETGEAR devices Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138162"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062708/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-range-extenders-psv-2018-0158"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35808"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          },
          {
            "date": "2020-12-30T00:15:14.863000",
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T08:54:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          },
          {
            "date": "2024-11-21T05:28:10.323000",
            "db": "NVD",
            "id": "CVE-2020-35808"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014998"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1793"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202108-1661

    Vulnerability from variot - Updated: 2024-08-14 14:44

    plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. Certain NETGEAR devices are affected by stored XSS. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D6100 prior to 1.0.0.60, D6200 prior to 1.1.00.36, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.53, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.42, R6050 prior to 1.0.1.18, R6080 prior to 1.0.0.42, R6220 prior to 1.1.0.80, R6230 prior to 1.1.0.80, R6250 prior to 1.0.4.34, R6260 prior to 1.1.0.64, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.2.6, R6700v2 prior to 1.2.0.36, R6700v3 prior to 1.0.2.62, R6800 prior to 1.2.0.36, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R6900v2 prior to 1.2.0.36, R7000 prior to 1.0.9.60, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.50, R7300DST prior to 1.0.0.70, R7450 prior to 1.2.0.36, R7900 prior to 1.0.3.8, R7900P prior to 1.4.1.50, R8000 prior to 1.0.4.28, R8000P prior to 1.4.1.50, R8300 prior to 1.0.2.130, R8500 prior to 1.0.2.130, WNDR3400v3 prior to 1.0.1.24, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.40, and XR500 prior to 2.3.2.40

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202108-1661",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.62"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.8"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.60"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.62"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.40"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.53"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.130"
          },
          {
            "model": "xr450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.40"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.130"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "dgn2200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6100",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "cve": "CVE-2021-38534",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2021-38534",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2021-38534",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.7,
                "id": "CVE-2021-38534",
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2021-38534",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-38534",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-38534",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-38534",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202108-946",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-38534",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. Certain NETGEAR devices are affected by stored XSS. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D6100 prior to 1.0.0.60, D6200 prior to 1.1.00.36, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.53, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.42, R6050 prior to 1.0.1.18, R6080 prior to 1.0.0.42, R6220 prior to 1.1.0.80, R6230 prior to 1.1.0.80, R6250 prior to 1.0.4.34, R6260 prior to 1.1.0.64, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.2.6, R6700v2 prior to 1.2.0.36, R6700v3 prior to 1.0.2.62, R6800 prior to 1.2.0.36, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R6900v2 prior to 1.2.0.36, R7000 prior to 1.0.9.60, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.50, R7300DST prior to 1.0.0.70, R7450 prior to 1.2.0.36, R7900 prior to 1.0.3.8, R7900P prior to 1.4.1.50, R8000 prior to 1.0.4.28, R8000P prior to 1.4.1.50, R8300 prior to 1.0.2.130, R8500 prior to 1.0.2.130, WNDR3400v3 prior to 1.0.1.24, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.40, and XR500 prior to 2.3.2.40",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-38534"
          }
        ],
        "trust": 0.81
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-38534",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-38534",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "id": "VAR-202108-1661",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3912442337142858
      },
      "last_update_date": "2024-08-14T14:44:21.504000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Stored\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Gateways,\u00a0PSV-2018-0244",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
          },
          {
            "title": "NETGEAR Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159340"
          },
          {
            "title": "CVE-2021-38534",
            "trust": 0.1,
            "url": "https://github.com/AlAIAL90/CVE-2021-38534 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000063758/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-gateways-psv-2018-0244"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38534"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/alaial90/cve-2021-38534"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "date": "2022-07-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "date": "2021-08-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          },
          {
            "date": "2021-08-11T00:17:22.217000",
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-38534"
          },
          {
            "date": "2022-07-01T06:13:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          },
          {
            "date": "2021-08-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          },
          {
            "date": "2021-08-19T17:59:26.163000",
            "db": "NVD",
            "id": "CVE-2021-38534"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-010450"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202108-946"
          }
        ],
        "trust": 0.6
      }
    }