Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-20699

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.

Published

2020-04-16T19:15:23.900

Last Modified

2024-11-21T04:39:06.857

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-120
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System netgear gs105e_firmware < 1.6.0.4 Yes
Hardware netgear gs105e v2 No
Operating System netgear gs105pe_firmware < 1.6.0.4 Yes
Hardware netgear gs105pe - No
Operating System netgear gs408epp_firmware < 1.0.0.15 Yes
Hardware netgear gs408epp - No
Operating System netgear gs808e_firmware < 1.7.0.7 Yes
Hardware netgear gs808e - No
Operating System netgear gs908e_firmware < 1.7.0.3 Yes
Hardware netgear gs908e - No
Operating System netgear gss108e_firmware < 1.6.0.4 Yes
Hardware netgear gss108e - No
Operating System netgear gss108epp_firmware < 1.0.0.15 Yes
Hardware netgear gss108epp - No
References