CVE-2019-20688

Name of the Vulnerable Software and Affected Versions D3600 versions prior to 1.0.0.75 D6000 versions prior to 1.0.0.75 D6100 versions prior to 1.0.0.63 EX2700 versions prior to 1.0.1.48 EX6100v2 versions prior to 1.0.1.76 EX6150v2 versions prior to 1.0.1.76 EX6200v2 versions prior to 1.0.1.72 EX6400 versions prior to 1.0.2.136 EX7300 versions prior to 1.0.2.136 EX8000 versions prior to 1.0.1.180 R7800 versions prior to 1.0.2.52 R8900 versions prior to 1.0.4.2 R9000 versions prior to 1.0.4.2 WN2000RPTv3 versions prior to 1.0.1.32 WN3000RPv2 versions prior to 1.0.0.68 WN3100RPv2 versions prior to 1.0.0.60 WNDR3700v4 versions prior to 1.0.2.102 WNDR4300v1 versions prior to 1.0.2.104 WNDR4300v2 versions prior to 1.0.0.58 WNDR4500v3 versions prior to 1.0.0.58 WNR2000v5 versions prior to 1.0.0.68 XR500 versions prior to 2.3.2.32

Description Certain NETGEAR devices are affected by command injection by an authenticated user.

Recommendations Update D3600 to version 1.0.0.75 or later Update D6000 to version 1.0.0.75 or later Update D6100 to version 1.0.0.63 or later Update EX2700 to version 1.0.1.48 or later Update EX6100v2 to version 1.0.1.76 or later Update EX6150v2 to version 1.0.1.76 or later Update EX6200v2 to version 1.0.1.72 or later Update EX6400 to version 1.0.2.136 or later Update EX7300 to version 1.0.2.136 or later Update EX8000 to version 1.0.1.180 or later Update R7800 to version 1.0.2.52 or later Update R8900 to version 1.0.4.2 or later Update R9000 to version 1.0.4.2 or later Update WN2000RPTv3 to version 1.0.1.32 or later Update WN3000RPv2 to version 1.0.0.68 or later Update WN3100RPv2 to version 1.0.0.60 or later Update WNDR3700v4 to version 1.0.2.102 or later Update WNDR4300v1 to version 1.0.2.104 or later Update WNDR4300v2 to version 1.0.0.58 or later Update WNDR4500v3 to version 1.0.0.58 or later Update WNR2000v5 to version 1.0.0.68 or later Update XR500 to version 2.3.2.32 or later