Sign-up

ID

VAR-202010-0411


CVE

CVE-2020-17409


TITLE

plural  NETGEAR  Vulnerability in authentication bypass using alternate path or channel in router

Trust: 0.8

sources: JVNDB: JVNDB-2020-012257

DESCRIPTION

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10754. plural NETGEAR The router is vulnerable to authentication bypass using alternate paths or channels. Zero Day Initiative To this vulnerability ZDI-CAN-10754 Was numbered.Information may be obtained

Trust: 2.34

sources: NVD: CVE-2020-17409 // JVNDB: JVNDB-2020-012257 // ZDI: ZDI-20-1176 // VULMON: CVE-2020-17409

AFFECTED PRODUCTS

vendor:netgearmodel:r6220scope:ltversion:1.1.0.100

Trust: 1.0

vendor:netgearmodel:r6120scope:ltversion:1.0.0.70

Trust: 1.0

vendor:netgearmodel:r6080scope:ltversion:1.0.0.44

Trust: 1.0

vendor:netgearmodel:r6850scope:ltversion:1.1.0.76

Trust: 1.0

vendor:netgearmodel:r6330scope:ltversion:1.1.0.76

Trust: 1.0

vendor:netgearmodel:jnr3210scope:eqversion: -

Trust: 1.0

vendor:netgearmodel:wnr2020scope:eqversion: -

Trust: 1.0

vendor:netgearmodel:r6020scope:ltversion:1.0.0.44

Trust: 1.0

vendor:netgearmodel:r6230scope:ltversion:1.1.0.100

Trust: 1.0

vendor:netgearmodel:r6350scope:ltversion:1.1.0.76

Trust: 1.0

vendor:netgearmodel:r6260scope:ltversion:1.1.0.76

Trust: 1.0

vendor:ネットギアmodel:jnr3210scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6020scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6080scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6120scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6220scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6230scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6260scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6330scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6350scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:r6850scope: - version: -

Trust: 0.8

vendor:netgearmodel:multiple routersscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-1176 // JVNDB: JVNDB-2020-012257 // NVD: CVE-2020-17409

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-17409
value: MEDIUM

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-17409
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-17409
value: MEDIUM

Trust: 0.8

ZDI: CVE-2020-17409
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202010-583
value: MEDIUM

Trust: 0.6

VULMON: CVE-2020-17409
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-17409
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

zdi-disclosures@trendmicro.com: CVE-2020-17409
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2020-17409
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

ZDI: CVE-2020-17409
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-1176 // VULMON: CVE-2020-17409 // JVNDB: JVNDB-2020-012257 // CNNVD: CNNVD-202010-583 // NVD: CVE-2020-17409 // NVD: CVE-2020-17409

PROBLEMTYPE DATA

problemtype:CWE-288

Trust: 1.0

problemtype:Authentication bypass using alternate path or channel (CWE-288) [ Other ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-012257 // NVD: CVE-2020-17409

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202010-583

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202010-583

PATCH

title:Security Advisory for Authentication Bypass on Some Routers, PSV-2020-0258url:https://kb.netgear.com/000062304/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2020-0258

Trust: 1.5

title:mini_httpd service Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=130160

Trust: 0.6

sources: ZDI: ZDI-20-1176 // JVNDB: JVNDB-2020-012257 // CNNVD: CNNVD-202010-583

EXTERNAL IDS

db:NVDid:CVE-2020-17409

Trust: 3.2

db:ZDIid:ZDI-20-1176

Trust: 3.2

db:JVNDBid:JVNDB-2020-012257

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-10754

Trust: 0.7

db:CNNVDid:CNNVD-202010-583

Trust: 0.6

db:VULMONid:CVE-2020-17409

Trust: 0.1

sources: ZDI: ZDI-20-1176 // VULMON: CVE-2020-17409 // JVNDB: JVNDB-2020-012257 // CNNVD: CNNVD-202010-583 // NVD: CVE-2020-17409

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-20-1176/

Trust: 2.5

url:https://kb.netgear.com/000062304/security-advisory-for-authentication-bypass-on-some-routers-psv-2020-0258

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-17409

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/288.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-20-1176 // VULMON: CVE-2020-17409 // JVNDB: JVNDB-2020-012257 // CNNVD: CNNVD-202010-583 // NVD: CVE-2020-17409

CREDITS

Anonymous

Trust: 0.7

sources: ZDI: ZDI-20-1176

SOURCES

db:ZDIid:ZDI-20-1176
db:VULMONid:CVE-2020-17409
db:JVNDBid:JVNDB-2020-012257
db:CNNVDid:CNNVD-202010-583
db:NVDid:CVE-2020-17409

LAST UPDATE DATE

2024-11-23T22:58:08.413000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-20-1176date:2020-09-15T00:00:00
db:VULMONid:CVE-2020-17409date:2020-12-03T00:00:00
db:JVNDBid:JVNDB-2020-012257date:2021-04-27T09:05:00
db:CNNVDid:CNNVD-202010-583date:2020-10-27T00:00:00
db:NVDid:CVE-2020-17409date:2024-11-21T05:08:02.343

SOURCES RELEASE DATE

db:ZDIid:ZDI-20-1176date:2020-09-15T00:00:00
db:VULMONid:CVE-2020-17409date:2020-10-13T00:00:00
db:JVNDBid:JVNDB-2020-012257date:2021-04-27T00:00:00
db:CNNVDid:CNNVD-202010-583date:2020-10-13T00:00:00
db:NVDid:CVE-2020-17409date:2020-10-13T17:15:13.777