Details of VAR-202006-1925

ID

VAR-202006-1925

TITLE

Unauthorized remote code execution vulnerability in multiple Netgear devices

Trust: 0.6

sources: CNVD: CNVD-2020-34628

DESCRIPTION

NETGEAR is a computer network equipment developer founded in 1996 and headquartered in San Jose, California. Many NETGEAR devices have unauthorized remote code execution vulnerabilities. Attackers can use the vulnerability to execute commands directly.

Trust: 0.6

sources: CNVD: CNVD-2020-34628

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-34628

AFFECTED PRODUCTS

vendor:	netgear	model:	ac1450 v1.0.0.6 1.0.3-v1.0.0.36 10.0.17	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	d6220 v1.0.0.16 1.0.16-v1.0.0.52 1.0.52	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	d6300b v1.0.0.16 1.0.16-v1.0.0.102 1.0.102	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	d6400 v1.0.0.22 1.0.22-v1.0.0.88 1.0.88	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	d7000v2 v1.0.0.38 1.0.1-v1.0.0.56 1.0.1	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	dc112a v1.0.0.24 1.0.60-v1.0.0.44 1.0.60	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	dgn2200 v1.0.0.36 7.0.36-v1.0.0.58 7.0.57	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	dgn2200v4 v1.0.0.5 5.0.3-v1.0.0.110 1.0.110	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	dgn2200m v1.0.0.24 1.0.20na-v1.0.0.37 1.0.21ww	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	dgnd3700 v1.0.0.12 1.0.12na-v1.0.0.17 1.0.17	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex3700 v1.0.0.22 1.0.17-v1.0.0.78 1.0.51	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex3800 v1.0.0.26 1.0.19-v1.0.0.78 1.0.51	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex3920 v1.0.0.26 1.0.19-v1.0.0.78 1.0.51	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6000 v1.0.0.10 1.0.6-v1.0.0.38 1.0.22	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6100 v1.0.0.22 1.0.51-v1.0.2.24 1.1.134	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6120 v1.0.0.4 1.0.2-v1.0.0.48 1.0.30	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6130 v1.0.0.12 1.0.7-v1.0.0.30 1.0.17	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6150 v1.0.0.14 1.0.54-v1.0.0.42 1.0.73	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6200 v1.0.0.38 1.1.52-v1.0.3.90 1.1.125	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex6920 v1.0.0.4 1.0.2-v1.0.0.40 1.0.25	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	ex7000 v1.0.0.30 1.0.72-v1.0.1.84 1.0.148	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	lg2200d v1.0.0.57 1.0.40	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	mbm621	scope:	eq	version:	v1.1.3	Trust: 0.6
vendor:	netgear	model:	mbr624gu v6.00.22.12-v6.01.30.64ww	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	mbr1200	scope:	eq	version:	v1.2.2.53	Trust: 0.6
vendor:	netgear	model:	mbr1515	scope:	eq	version:	v1.2.2.68	Trust: 0.6
vendor:	netgear	model:	mbr1516 v1.2.2.84bm	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	mbrn3000 v1.0.0.43na-v1.0.0.74 2.0.12ww	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	mvbr1210c v1.2.0.35bm	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r4500 v1.0.0.4 1.0.3	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6200 v1.0.0.18 1.0.18-v1.0.1.58 1.0.44	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6200v2 v1.0.1.14 1.0.14-v1.0.3.12 10.1.11	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6250 v1.0.0.62 1.0.62-v1.0.4.38 10.1.30	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6300 v1.0.0.68 1.0.16-v1.0.2.80 1.0.59	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6300v2 v1.0.1.72 1.0.21-v1.0.4.36 10.0.93	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6400 v1.0.0.14 1.0.8-v1.0.1.52 1.0.36	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6400v2 v1.0.2.14 1.0.7-v1.0.4.84 10.0.58	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6700 v1.0.0.2 1.0.1-v1.0.2.8 10.0.53	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6700v3 v1.0.2.52 1.0.39-v1.0.4.84 10.0.58	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6900 v1.0.0.2 1.0.2-v1.0.2.8 10.0.38	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r6900p v1.0.0.46 1.0.30-v1.3.1.64 10.1.36	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r7000 v1.0.0.96 1.0.15-v1.0.11.100 10.2.100	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r7000p v1.0.0.44 1.0.27-v1.3.1.64 10.1.36	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r7100lg v1.0.0.24 1.0.6-v1.0.0.52 1.0.6	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r7300 v1.0.0.26 1.0.6-v1.0.0.74 1.0.29	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r7850 v1.0.4.42 10.0.1-v1.0.5.48 10.0.4	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r7900 v1.0.0.2 10.0.1-v1.0.4.22 10.0.44	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r8300 v1.0.2.48 1.0.52-v1.0.2.130 1.0.99	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r8500 v1.0.0.28 1.0.15-v1.0.2.130 1.0.99	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wgr614v8 v1.1.20 7.0.37na-v1.2.10 21.0.52	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wgr614v9 v1.0.9 1.0.1na-v1.2.32 43.0.46	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wgr614v10 v1.0.2.18 47.0.52na-v1.0.2.66 60.0.90	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wgt624v4 v2.0.6 2.0.6na-v2.0.13 2.0.15na	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wn2500rpv2 v1.0.0.24 1.0.53-v1.0.0.30 1.0.58	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wn2500rpv2 v1.0.0.30 1.0.41-v1.0.1.54 1.0.68	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wn3000rp v1.0.0.12 1.0.12-v1.0.2.64 1.1.86	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wn3100rpv2 v1.0.0.6 1.0.12-v1.0.0.20 1.0.22	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wn3500rp v1.0.0.12 1.0.49-v1.0.0.22 1.0.62	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnce3001 v1.0.0.38-v1.0.0.50 1.0.35	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3300v2 v1.0.0.26 11.0.26na	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3400 v1.0.0.34 15.0.42-v1.0.0.52 20.0.60	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3400v2 v1.0.0.54 1.0.82	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3400v3 v1.0.0.20 1.0.28-v1.0.1.24 1.0.67	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3700v3 v1.0.0.18 1.0.14-v1.0.0.42 1.0.33	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr4000 v1.0.0.66 8.0.55-v1.0.2.10 9.1.89	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr4500 v1.0.0.40 1.0.10-v1.0.1.46 1.0.76	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr4500v2 v1.0.0.26 1.0.16-v1.0.0.72 1.0.45	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr834bv2 v1.0.32 1.0.32na-v2.1.13 2.1.13	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr1000v3 v1.0.2.4 39.0.39-v1.0.2.72 60.0.96	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr2000v2 v1.0.0.34 29.0.45na-v1.2.0.8 36.0.60	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr3500 v1.0.10 1.0.10na-v1.0.36 8.0.36na	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr3500v2 v1.0.0.64 11.0.51na-v1.2.2.28 25.0.85	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr3500l v1.0.0.86 13.0.75na-v1.2.2.48 35.0.55na	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wnr3500lv2 v1.0.0.10-v1.2.0.56 50.0.96	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	xr300 v1.0.1.4 10.1.4-v1.0.3.38 10.3.30	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	r8000 v1.0.0.46 1.0.17-v1.0.4.46 10.1.63	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	rs400 v1.5.0.34 10.0.33	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	wndr3300 v1.0.14na-v1.0.45 1.0.45	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2020-34628

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-34628
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2020-34628
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-34628

EXTERNAL IDS

db:	SEEBUG	id:	SSVID-98253	Trust: 0.6
db:	CNVD	id:	CNVD-2020-34628	Trust: 0.6

sources: CNVD: CNVD-2020-34628

REFERENCES

url:	https://github.com/grimm-co/notquite0dayfriday/tree/master/2020.06.15-netgear	Trust: 0.6
url:	https://www.seebug.org/vuldb/ssvid-98253	Trust: 0.6
url:	https://www.zoomeye.org/searchresult?q=service%3a%22http%22service%3a%	Trust: 0.6

sources: CNVD: CNVD-2020-34628

SOURCES

db:

CNVD

id:

CNVD-2020-34628

LAST UPDATE DATE

2022-05-17T02:01:00.901000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-34628

date:

2020-06-24T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-34628

date:

2020-06-24T00:00:00