PT-2021-11734 · Undefined · Undefined

Published

2021-03-08

·

Updated

2021-03-16

·

CVE-2020-35222

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Multiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE/GS116Ev2 Switches (PoCs) https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches // - Unauthenticated RCE (CVE-2020-26919)
  • NSDP Authentication Bypass (CVE-2020-35231)
  • Unauthenticated Firmware Update Mechanism (CVE-2020-35220)
  • TFTP Ineffective Firmware Checks (CVE-2020-35232)
  • Unauthenticated Buffer Overflow (CVE-2020-35224)
  • Insecure Password Hashing Mechanism (CVE-2020-35221)
  • Authentication Token Reuse (CVE-2020-35229)
  • Stored XSS in Language Settings (CVE-2020-35228)
  • Buffer Overflow in IP Source Params (CVE-2020-35227)
  • Unauthenticated Write Access to DHCP Configuration (CVE-2020-35226)
  • Unauthenticated Access to Switch Configuration Parameters (CVE-2020-35222)
  • TFTP Unexpected Behaviours (CVE-2020-35233)
  • Multiple Integer Overflow Instances (CVE-2020-35230)
  • Multiple Write Commands BoF (CVE-2020-35225)
  • Ineffective CSRF Protections (CVE-2020-35223)
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2020-35222

Affected Products

Undefined