Details of VAR-202004-0787

ID

VAR-202004-0787

CVE

CVE-2019-20725

TITLE

plural NETGEAR Out-of-bounds write vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-015318

DESCRIPTION

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6100 prior to 1.0.0.63, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.2, R9000 prior to 1.0.4.2, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, WNR2000v5 prior to 1.0.0.68, and XR500 prior to 2.3.2.32

Trust: 1.71

sources: NVD: CVE-2019-20725 // JVNDB: JVNDB-2019-015318 // VULMON: CVE-2019-20725

AFFECTED PRODUCTS

vendor:	netgear	model:	wndr4300	scope:	lt	version:	1.0.2.104	Trust: 1.0
vendor:	netgear	model:	wnr2000	scope:	lt	version:	1.0.0.68	Trust: 1.0
vendor:	netgear	model:	d6100	scope:	lt	version:	1.0.0.63	Trust: 1.0
vendor:	netgear	model:	wndr3700	scope:	lt	version:	1.0.2.102	Trust: 1.0
vendor:	netgear	model:	wndr4300	scope:	lt	version:	1.0.0.58	Trust: 1.0
vendor:	netgear	model:	r9000	scope:	lt	version:	1.0.4.2	Trust: 1.0
vendor:	netgear	model:	r8900	scope:	lt	version:	1.0.4.2	Trust: 1.0
vendor:	netgear	model:	xr500	scope:	lt	version:	2.3.2.32	Trust: 1.0
vendor:	netgear	model:	d6000	scope:	lt	version:	1.0.0.75	Trust: 1.0
vendor:	netgear	model:	r7800	scope:	lt	version:	1.0.2.52	Trust: 1.0
vendor:	netgear	model:	wndr4500	scope:	lt	version:	1.0.0.58	Trust: 1.0
vendor:	netgear	model:	d3600	scope:	lt	version:	1.0.0.75	Trust: 1.0
vendor:	netgear	model:	d3600	scope:	eq	version:	1.0.0.75	Trust: 0.8
vendor:	netgear	model:	d6000	scope:	eq	version:	1.0.0.75	Trust: 0.8
vendor:	netgear	model:	d6100	scope:	eq	version:	1.0.0.63	Trust: 0.8
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.52	Trust: 0.8
vendor:	netgear	model:	r8900	scope:	eq	version:	1.0.4.2	Trust: 0.8
vendor:	netgear	model:	r9000	scope:	eq	version:	1.0.4.2	Trust: 0.8
vendor:	netgear	model:	wndr3700	scope:	eq	version:	1.0.2.102	Trust: 0.8
vendor:	netgear	model:	wndr4300	scope:	eq	version:	1.0.0.58	Trust: 0.8
vendor:	netgear	model:	wndr4300	scope:	eq	version:	1.0.2.104	Trust: 0.8
vendor:	netgear	model:	wndr4500	scope:	eq	version:	1.0.0.58	Trust: 0.8

sources: JVNDB: JVNDB-2019-015318 // NVD: CVE-2019-20725

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-20725
value:	MEDIUM
Trust: 1.0
cve@mitre.org:	CVE-2019-20725
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2019-015318
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202004-1309
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2019-20725
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-20725
severity:	MEDIUM
baseScore:	5.2
vectorString:	AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.1
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2019-015318
severity:	MEDIUM
baseScore:	5.2
vectorString:	AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2019-20725
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2019-20725
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	JVNDB-2019-015318
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2019-20725 // JVNDB: JVNDB-2019-015318 // CNNVD: CNNVD-202004-1309 // NVD: CVE-2019-20725 // NVD: CVE-2019-20725

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.8

sources: JVNDB: JVNDB-2019-015318 // NVD: CVE-2019-20725

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-1309

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202004-1309

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-015318

PATCH

title:	Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0143	url:	https://kb.netgear.com/000061203/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0143	Trust: 0.8
title:	Multiple NETGEAR Product Buffer Error Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116575	Trust: 0.6

sources: JVNDB: JVNDB-2019-015318 // CNNVD: CNNVD-202004-1309

EXTERNAL IDS

db:	NVD	id:	CVE-2019-20725	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-015318	Trust: 0.8
db:	CNNVD	id:	CNNVD-202004-1309	Trust: 0.6
db:	VULMON	id:	CVE-2019-20725	Trust: 0.1

sources: VULMON: CVE-2019-20725 // JVNDB: JVNDB-2019-015318 // CNNVD: CNNVD-202004-1309 // NVD: CVE-2019-20725

REFERENCES

url:	https://kb.netgear.com/000061203/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0143	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20725	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20725	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2019-20725 // JVNDB: JVNDB-2019-015318 // CNNVD: CNNVD-202004-1309 // NVD: CVE-2019-20725

CREDITS

aircut

Trust: 0.6

sources: CNNVD: CNNVD-202004-1309

SOURCES

db:	VULMON	id:	CVE-2019-20725
db:	JVNDB	id:	JVNDB-2019-015318
db:	CNNVD	id:	CNNVD-202004-1309
db:	NVD	id:	CVE-2019-20725

LAST UPDATE DATE

2024-11-23T22:41:07.571000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2019-20725	date:	2020-04-20T00:00:00
db:	JVNDB	id:	JVNDB-2019-015318	date:	2020-05-12T00:00:00
db:	CNNVD	id:	CNNVD-202004-1309	date:	2020-04-26T00:00:00
db:	NVD	id:	CVE-2019-20725	date:	2024-11-21T04:39:11.597

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2019-20725	date:	2020-04-16T00:00:00
db:	JVNDB	id:	JVNDB-2019-015318	date:	2020-05-12T00:00:00
db:	CNNVD	id:	CNNVD-202004-1309	date:	2020-04-16T00:00:00
db:	NVD	id:	CVE-2019-20725	date:	2020-04-16T19:15:25.463