PT-2020-5980 · NetGear · Netgear Prosafe Plus Gs116Ev2+1

Published

2020-09-17

Updated

2021-03-16

CVE-2020-35220

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NETGEAR ProSAFE Plus JGS516PE and ProSAFE Plus GS116Ev2 (affected versions not specified)

Description The issue is related to insufficient access control in the TFTP server of the firmware of NETGEAR ProSAFE Plus JGS516PE and ProSAFE Plus GS116Ev2 switches. It may allow a remote attacker to elevate their privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2021-02251

CVE-2020-35220

Affected Products

Netgear Prosafe Plus Gs116Ev2

Netgear Prosafe Plus Jgs516Pe

PT-2020-5980 · NetGear · Netgear Prosafe Plus Gs116Ev2+1

CVE-2020-35220

Weakness Enumeration

Related Identifiers

Affected Products

References · 6