CVE-2019-20676

Name of the Vulnerable Software and Affected Versions NETGEAR FS728TLP versions prior to 1.0.1.26 NETGEAR GS105Ev2 versions prior to 1.6.0.4 NETGEAR GS105PE versions prior to 1.6.0.4 NETGEAR GS108Ev3 versions prior to 2.06.08 NETGEAR GS108PEv3 versions prior to 2.06.08 NETGEAR GS110EMX versions prior to 1.0.1.4 NETGEAR GS116Ev2 versions prior to 2.6.0.35 NETGEAR GS408EPP versions prior to 1.0.0.15 NETGEAR GS724TPv2 versions prior to 1.1.1.29 NETGEAR GS808E versions prior to 1.7.0.7 NETGEAR GS810EMX versions prior to 1.7.1.1 NETGEAR GS908E versions prior to 1.7.0.3 NETGEAR GSS108E versions prior to 1.6.0.4 NETGEAR GSS108EPP versions prior to 1.0.0.15 NETGEAR GSS116E versions prior to 1.6.0.9 NETGEAR JGS516PE versions prior to 2.6.0.35 NETGEAR JGS524Ev2 versions prior to 2.6.0.35 NETGEAR JGS524PE versions prior to 2.6.0.35 NETGEAR XS512EM versions prior to 1.0.1.1 NETGEAR XS708Ev2 versions prior to 1.6.0.23 NETGEAR XS716E versions prior to 1.6.0.23 NETGEAR XS724EM versions prior to 1.0.1.1

Description The issue is related to a lack of access control at the function level in certain NETGEAR devices.

Recommendations For NETGEAR FS728TLP version prior to 1.0.1.26, update to version 1.0.1.26 or later. For NETGEAR GS105Ev2 version prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS105PE version prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS108Ev3 version prior to 2.06.08, update to version 2.06.08 or later. For NETGEAR GS108PEv3 version prior to 2.06.08, update to version 2.06.08 or later. For NETGEAR GS110EMX version prior to 1.0.1.4, update to version 1.0.1.4 or later. For NETGEAR GS116Ev2 version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR GS408EPP version prior to 1.0.0.15, update to version 1.0.0.15 or later. For NETGEAR GS724TPv2 version prior to 1.1.1.29, update to version 1.1.1.29 or later. For NETGEAR GS808E version prior to 1.7.0.7, update to version 1.7.0.7 or later. For NETGEAR GS810EMX version prior to 1.7.1.1, update to version 1.7.1.1 or later. For NETGEAR GS908E version prior to 1.7.0.3, update to version 1.7.0.3 or later. For NETGEAR GSS108E version prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GSS108EPP version prior to 1.0.0.15, update to version 1.0.0.15 or later. For NETGEAR GSS116E version prior to 1.6.0.9, update to version 1.6.0.9 or later. For NETGEAR JGS516PE version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR JGS524Ev2 version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR JGS524PE version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR XS512EM version prior to 1.0.1.1, update to version 1.0.1.1 or later. For NETGEAR XS708Ev2 version prior to 1.6.0.23, update to version 1.6.0.23 or later. For NETGEAR XS716E version prior to 1.6.0.23, update to version 1.6.0.23 or later. For NETGEAR XS724EM version prior to 1.0.1.1, update to version 1.0.1.1 or later.