Details of VAR-202012-1197

ID

VAR-202012-1197

CVE

CVE-2020-35798

TITLE

plural NETGEAR Command injection vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2020-015041

DESCRIPTION

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Trust: 1.62

sources: NVD: CVE-2020-35798 // JVNDB: JVNDB-2020-015041

AFFECTED PRODUCTS

vendor:	netgear	model:	r7800	scope:	lt	version:	1.0.2.74	Trust: 1.0
vendor:	netgear	model:	rbr850	scope:	lt	version:	3.2.15.25	Trust: 1.0
vendor:	netgear	model:	r7900	scope:	lt	version:	1.0.4.26	Trust: 1.0
vendor:	netgear	model:	r7900p	scope:	lt	version:	1.4.1.50	Trust: 1.0
vendor:	netgear	model:	xr300	scope:	lt	version:	1.0.3.50	Trust: 1.0
vendor:	netgear	model:	r6900p	scope:	lt	version:	1.3.2.124	Trust: 1.0
vendor:	netgear	model:	r7000	scope:	lt	version:	1.0.11.100	Trust: 1.0
vendor:	netgear	model:	r7960p	scope:	lt	version:	1.4.1.50	Trust: 1.0
vendor:	netgear	model:	rax80	scope:	lt	version:	1.0.3.102	Trust: 1.0
vendor:	netgear	model:	rbk852	scope:	lt	version:	3.2.15.25	Trust: 1.0
vendor:	netgear	model:	rs400	scope:	lt	version:	1.5.0.48	Trust: 1.0
vendor:	netgear	model:	rax45	scope:	lt	version:	1.0.2.66	Trust: 1.0
vendor:	netgear	model:	rax50	scope:	lt	version:	1.0.2.66	Trust: 1.0
vendor:	netgear	model:	r8000p	scope:	lt	version:	1.4.1.50	Trust: 1.0
vendor:	netgear	model:	rax15	scope:	lt	version:	1.0.1.64	Trust: 1.0
vendor:	netgear	model:	rbk752	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	rbs850	scope:	lt	version:	3.2.15.25	Trust: 1.0
vendor:	netgear	model:	rax200	scope:	lt	version:	1.0.1.12	Trust: 1.0
vendor:	netgear	model:	rbs750	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r6400v2	scope:	lt	version:	1.0.4.84	Trust: 1.0
vendor:	netgear	model:	r7850	scope:	lt	version:	1.0.5.60	Trust: 1.0
vendor:	netgear	model:	r7000p	scope:	lt	version:	1.3.2.124	Trust: 1.0
vendor:	netgear	model:	rbr840	scope:	lt	version:	3.2.15.25	Trust: 1.0
vendor:	netgear	model:	r8000	scope:	lt	version:	1.0.4.52	Trust: 1.0
vendor:	netgear	model:	rax75	scope:	lt	version:	1.0.3.102	Trust: 1.0
vendor:	netgear	model:	rbr750	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	rbs840	scope:	lt	version:	3.2.15.25	Trust: 1.0
vendor:	netgear	model:	r6700v3	scope:	lt	version:	1.0.4.84	Trust: 1.0
vendor:	netgear	model:	rax20	scope:	lt	version:	1.0.1.64	Trust: 1.0
vendor:	netgear	model:	rbk842	scope:	lt	version:	3.2.15.25	Trust: 1.0
vendor:	ネットギア	model:	r7000	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6700v3	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r8000	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6900p	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7000p	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7850	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7900	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6400v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7960p	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7800	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-015041 // NVD: CVE-2020-35798

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-35798
value:	HIGH
Trust: 1.0
cve@mitre.org:	CVE-2020-35798
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2020-35798
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202012-1738
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-35798
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

nvd@nist.gov:	CVE-2020-35798
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2020-35798
baseSeverity:	CRITICAL
baseScore:	9.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.5
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2020-35798
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2020-015041 // CNNVD: CNNVD-202012-1738 // NVD: CVE-2020-35798 // NVD: CVE-2020-35798

PROBLEMTYPE DATA

problemtype:	CWE-77	Trust: 1.0
problemtype:	Command injection (CWE-77) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-015041 // NVD: CVE-2020-35798

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202012-1738

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-202012-1738

PATCH

title:	Security Advisory for Pre-Authentication Command Injection on Some Routers and WiFi Systems, PSV-2019-0218	url:	https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218	Trust: 0.8
title:	Certain NETGEAR devices Fixes for command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138119	Trust: 0.6

sources: JVNDB: JVNDB-2020-015041 // CNNVD: CNNVD-202012-1738

EXTERNAL IDS

db:	NVD	id:	CVE-2020-35798	Trust: 2.4
db:	JVNDB	id:	JVNDB-2020-015041	Trust: 0.8
db:	CNNVD	id:	CNNVD-202012-1738	Trust: 0.6

sources: JVNDB: JVNDB-2020-015041 // CNNVD: CNNVD-202012-1738 // NVD: CVE-2020-35798

REFERENCES

url:	https://kb.netgear.com/000062715/security-advisory-for-pre-authentication-command-injection-on-some-routers-and-wifi-systems-psv-2019-0218	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35798	Trust: 1.4

sources: JVNDB: JVNDB-2020-015041 // CNNVD: CNNVD-202012-1738 // NVD: CVE-2020-35798

SOURCES

db:	JVNDB	id:	JVNDB-2020-015041
db:	CNNVD	id:	CNNVD-202012-1738
db:	NVD	id:	CVE-2020-35798

LAST UPDATE DATE

2024-11-23T22:47:44.558000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2020-015041	date:	2021-09-08T08:43:00
db:	CNNVD	id:	CNNVD-202012-1738	date:	2021-01-12T00:00:00
db:	NVD	id:	CVE-2020-35798	date:	2024-11-21T05:28:08.150

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2020-015041	date:	2021-09-08T00:00:00
db:	CNNVD	id:	CNNVD-202012-1738	date:	2020-12-29T00:00:00
db:	NVD	id:	CVE-2020-35798	date:	2020-12-30T00:15:14.267