PT-2020-17434 · NetGear · Rbs750+6
Published
2020-12-29
·
Updated
2020-12-30
·
CVE-2020-35794
CVSS v3.1
8.4
High
| Vector | AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N |
Name of the Vulnerable Software and Affected Versions
RBS40V versions prior to 2.6.1.4
RBK752 versions prior to 3.2.15.25
RBR750 versions prior to 3.2.15.25
RBS750 versions prior to 3.2.15.25
RBK852 versions prior to 3.2.15.25
RBR850 versions prior to 3.2.15.25
RBS850 versions prior to 3.2.15.25
Description
Certain NETGEAR devices are affected by command injection by an authenticated user.
Recommendations
For RBS40V version prior to 2.6.1.4, update to version 2.6.1.4 or later.
For RBK752 version prior to 3.2.15.25, update to version 3.2.15.25 or later.
For RBR750 version prior to 3.2.15.25, update to version 3.2.15.25 or later.
For RBS750 version prior to 3.2.15.25, update to version 3.2.15.25 or later.
For RBK852 version prior to 3.2.15.25, update to version 3.2.15.25 or later.
For RBR850 version prior to 3.2.15.25, update to version 3.2.15.25 or later.
For RBS850 version prior to 3.2.15.25, update to version 3.2.15.25 or later.
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rbk752
Rbk852
Rbr750
Rbr850
Rbs40V
Rbs750
Rbs850