PT-2020-10674 · NetGear · Netgear Gs908E+5

Nstarke

·

Published

2020-04-16

·

Updated

2020-04-21

·

CVE-2019-20699

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions NETGEAR GS105Ev2 versions prior to 1.6.0.4 NETGEAR GS105PE versions prior to 1.6.0.4 NETGEAR GS408EPP versions prior to 1.0.0.15 NETGEAR GS808E versions prior to 1.7.0.7 NETGEAR GS908E versions prior to 1.7.0.3 NETGEAR GSS108E versions prior to 1.6.0.4 NETGEAR GSS108EPP versions prior to 1.0.0.15
Description The issue is a buffer overflow that can be exploited by an unauthenticated attacker.
Recommendations For NETGEAR GS105Ev2 versions prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS105PE versions prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS408EPP versions prior to 1.0.0.15, update to version 1.0.0.15 or later. For NETGEAR GS808E versions prior to 1.7.0.7, update to version 1.7.0.7 or later. For NETGEAR GS908E versions prior to 1.7.0.3, update to version 1.7.0.3 or later. For NETGEAR GSS108E versions prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GSS108EPP versions prior to 1.0.0.15, update to version 1.0.0.15 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2019-20699

Affected Products

Netgear Gs105Ev2
Netgear Gs105Pe
Netgear Gs408Epp
Netgear Gs808E
Netgear Gs908E
Netgear Gss108E