CVE-2020-35226

Name of the Vulnerable Software and Affected Versions: NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43

Description: The issue is related to the configuration of the DHCP server in the firmware of Netgear ProSafe Plus JGS516PE and ProSAFE Plus GS116Ev2 devices. It is associated with insufficient sanitization of special elements in output used by an incoming component. An attacker can exploit this issue by sending specially crafted DHCP requests, potentially leading to a denial of service. The estimated number of potentially affected devices worldwide is not specified.

Recommendations: For NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43, consider restricting access to the DHCP configuration to prevent unauthorized modifications until a patch is available. As a temporary workaround, avoid using the device's DHCP server functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.