PT-2020-8870 · NetGear · Netgear Wnr2050+4

Published

2020-04-28

Updated

2020-05-05

CVE-2018-21226

CVSS v3.1

8.8

High

Vector

AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N

Name of the Vulnerable Software and Affected Versions NETGEAR JNR1010v2 versions prior to 1.1.0.48 NETGEAR JWNR2010v5 versions prior to 1.1.0.48 NETGEAR WNR1000v4 versions prior to 1.1.0.48 NETGEAR WNR2020 versions prior to 1.1.0.48 NETGEAR WNR2050 versions prior to 1.1.0.48

Description The issue is related to authentication bypass, which affects certain NETGEAR devices.

Recommendations For NETGEAR JNR1010v2 versions prior to 1.1.0.48, update to version 1.1.0.48 or later. For NETGEAR JWNR2010v5 versions prior to 1.1.0.48, update to version 1.1.0.48 or later. For NETGEAR WNR1000v4 versions prior to 1.1.0.48, update to version 1.1.0.48 or later. For NETGEAR WNR2020 versions prior to 1.1.0.48, update to version 1.1.0.48 or later. For NETGEAR WNR2050 versions prior to 1.1.0.48, update to version 1.1.0.48 or later.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2018-21226

Affected Products

Netgear Jnr1010V2

Netgear Jwnr2010V5

Netgear Wnr1000V4

Netgear Wnr2020

Netgear Wnr2050

PT-2020-8870 · NetGear · Netgear Wnr2050+4

CVE-2018-21226

Weakness Enumeration

Related Identifiers

Affected Products

References · 3