Sign-up

ID

VAR-202004-0921


CVE

CVE-2019-20687


TITLE

plural NETGEAR Input verification vulnerabilities on devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-015327

DESCRIPTION

Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.70, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, and WNR2020 before 1.1.0.62. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. There are security vulnerabilities in many NETGEAR products

Trust: 2.16

sources: NVD: CVE-2019-20687 // JVNDB: JVNDB-2019-015327 // CNVD: CNVD-2021-57176

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-57176

AFFECTED PRODUCTS

vendor:netgearmodel:d6200scope:ltversion:1.1.00.34

Trust: 1.6

vendor:netgearmodel:jr6150scope:ltversion:1.0.1.18

Trust: 1.6

vendor:netgearmodel:r6050scope:ltversion:1.0.1.18

Trust: 1.6

vendor:netgearmodel:wnr2020scope:ltversion:1.1.0.62

Trust: 1.6

vendor:netgearmodel:d7000scope:ltversion:1.0.1.70

Trust: 1.6

vendor:netgearmodel:d6200scope:eqversion:1.1.00.34

Trust: 0.8

vendor:netgearmodel:d7000scope:eqversion:1.0.1.70

Trust: 0.8

vendor:netgearmodel:jr6150scope:eqversion:1.0.1.18

Trust: 0.8

vendor:netgearmodel:r6050scope:eqversion:1.0.1.18

Trust: 0.8

vendor:netgearmodel:wnr2020scope:eqversion:1.1.0.62

Trust: 0.8

sources: CNVD: CNVD-2021-57176 // JVNDB: JVNDB-2019-015327 // NVD: CVE-2019-20687

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-20687
value: HIGH

Trust: 1.0

cve@mitre.org: CVE-2019-20687
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2019-015327
value: HIGH

Trust: 0.8

CNVD: CNVD-2021-57176
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202004-1271
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2019-20687
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2019-015327
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2021-57176
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-20687
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

cve@mitre.org: CVE-2019-20687
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.0

NVD: JVNDB-2019-015327
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-57176 // JVNDB: JVNDB-2019-015327 // CNNVD: CNNVD-202004-1271 // NVD: CVE-2019-20687 // NVD: CVE-2019-20687

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2019-015327 // NVD: CVE-2019-20687

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-1271

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202004-1271

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-015327

PATCH
title:Security Advisory for Denial of Service on Some Routers and Gateways, PSV-2018-0182url:https://kb.netgear.com/000061452/Security-Advisory-for-Denial-of-Service-on-Some-Routers-and-Gateways-PSV-2018-0182
Trust: 0.8
title:Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-57176)url:https://www.cnvd.org.cn/patchInfo/show/283661
Trust: 0.6
title:Multiple NETGEAR Product input verification error vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116547
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2021-57176 // 
            
            
            
            JVNDB: JVNDB-2019-015327 // 
            
            
            
            CNNVD: CNNVD-202004-1271

EXTERNAL IDS
db:NVDid:CVE-2019-20687
Trust: 3.0
db:JVNDBid:JVNDB-2019-015327
Trust: 0.8
db:CNVDid:CNVD-2021-57176
Trust: 0.6
db:CNNVDid:CNNVD-202004-1271
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2021-57176 // 
            
            
            
            JVNDB: JVNDB-2019-015327 // 
            
            
            
            CNNVD: CNNVD-202004-1271 // 
            
            
            
            NVD: CVE-2019-20687

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2019-20687
Trust: 2.0
url:https://kb.netgear.com/000061452/security-advisory-for-denial-of-service-on-some-routers-and-gateways-psv-2018-0182
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20687
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2021-57176 // 
            
            
            
            JVNDB: JVNDB-2019-015327 // 
            
            
            
            CNNVD: CNNVD-202004-1271 // 
            
            
            
            NVD: CVE-2019-20687

CREDITS
Touhid M.Shaikh
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202004-1271

SOURCES
db:CNVDid:CNVD-2021-57176
db:JVNDBid:JVNDB-2019-015327
db:CNNVDid:CNNVD-202004-1271
db:NVDid:CVE-2019-20687

LAST UPDATE DATE
2024-11-23T23:01:24.850000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2021-57176date:2021-07-31T00:00:00
db:JVNDBid:JVNDB-2019-015327date:2020-05-12T00:00:00
db:CNNVDid:CNNVD-202004-1271date:2020-04-26T00:00:00
db:NVDid:CVE-2019-20687date:2024-11-21T04:39:05.047

SOURCES RELEASE DATE
db:CNVDid:CNVD-2021-57176date:2021-07-31T00:00:00
db:JVNDBid:JVNDB-2019-015327date:2020-05-12T00:00:00
db:CNNVDid:CNNVD-202004-1271date:2020-04-16T00:00:00
db:NVDid:CVE-2019-20687date:2020-04-16T19:15:23.180