CVE-2019-20727

Name of the Vulnerable Software and Affected Versions NETGEAR D6100 versions 1.0.0.0 through 1.0.0.62 NETGEAR R7800 versions 1.0.0.0 through 1.0.2.51 NETGEAR R8900 versions 1.0.0.0 through 1.0.4.1 NETGEAR R9000 versions 1.0.0.0 through 1.0.4.1 NETGEAR WNDR3700v4 versions 1.0.0.0 through 1.0.2.101 NETGEAR WNDR4300v1 versions 1.0.0.0 through 1.0.2.103 NETGEAR WNDR4300v2 versions 1.0.0.0 through 1.0.0.57 NETGEAR WNDR4500v3 versions 1.0.0.0 through 1.0.0.57 NETGEAR WNR2000v5 versions 1.0.0.0 through 1.0.0.67 NETGEAR XR500 versions 1.0.0.0 through 2.3.2.31

Description The issue affects certain NETGEAR devices, allowing command injection by an authenticated user.

Recommendations For NETGEAR D6100 version 1.0.0.62 and earlier, update to version 1.0.0.63 or later. For NETGEAR R7800 version 1.0.2.51 and earlier, update to version 1.0.2.52 or later. For NETGEAR R8900 version 1.0.4.1 and earlier, update to version 1.0.4.2 or later. For NETGEAR R9000 version 1.0.4.1 and earlier, update to version 1.0.4.2 or later. For NETGEAR WNDR3700v4 version 1.0.2.101 and earlier, update to version 1.0.2.102 or later. For NETGEAR WNDR4300v1 version 1.0.2.103 and earlier, update to version 1.0.2.104 or later. For NETGEAR WNDR4300v2 version 1.0.0.57 and earlier, update to version 1.0.0.58 or later. For NETGEAR WNDR4500v3 version 1.0.0.57 and earlier, update to version 1.0.0.58 or later. For NETGEAR WNR2000v5 version 1.0.0.67 and earlier, update to version 1.0.0.68 or later. For NETGEAR XR500 version 2.3.2.31 and earlier, update to version 2.3.2.32 or later.