NETGEAR devices information disclosure |
NAME
NETGEAR devices information disclosure
- Platforms Affected:
NETGEAR R7000P
NETGEAR R8500
NETGEAR R6400v2
NETGEAR XR300
NETGEAR RBK752
NETGEAR RBR750
NETGEAR RBK852
NETGEAR RBR850
NETGEAR RBS850
NETGEAR CBR40
NETGEAR RBS750 - Risk Level:
9.6 - Exploitability:
Unproven - Consequences:
Obtain Information
DESCRIPTION
NETGEAR devices could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to obtain administrative credentials use this information to launch further attacks against the affected system.
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Access Vector: Adjacent Network
- Access Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: Low
- Remediation Level: Official Fix
MITIGATION
Refer to NETGEAR Security Advisory: PSV-2020-0038 for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://kb.netgear.com/000064762/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0038?article=000064762 - Reference Link:
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.
