PT-2021-2434 · NetGear · Netgear Prosafe Plus Jgs516Pe+1
Published: 2021-03-08 · Updated: 2021-03-17 · CVE-2020-35230
CVSS v3.1: 6.8 (Medium)
Vector: AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Netgear ProSafe Plus JGS516PE version 2.6.0.43
Netgear ProSAFE Plus GS116Ev2 version 2.6.0.43
Description:
The issue stems from insufficient input validation in the web administration panel of the affected devices, which can lead to integer overflows in request parameters. A remote attacker can exploit this with specially crafted POST requests to cause a denial of service or potentially execute arbitrary code. The vulnerability is in the web server, where most integer parameters can be abused.
Recommendations:
For Netgear ProSafe Plus JGS516PE version 2.6.0.43, consider disabling access to the web administration panel until a patch is available.
For Netgear ProSAFE Plus GS116Ev2 version 2.6.0.43, restrict access to the web server to minimize the risk of exploitation.
As a temporary workaround, avoid using integer parameters in the affected web administration panel until the issue is resolved.
Weakness Enumeration:
Integer Overflow
Affected Products:
Netgear Prosafe Plus Gs116Ev2
Netgear Prosafe Plus Jgs516Pe