NETGEAR devices information disclosure |
NAME
NETGEAR devices information disclosure
- Platforms Affected:
NETGEAR D8500
NETGEAR DC112A
NETGEAR R7000P
NETGEAR R8500
NETGEAR EX6130
NETGEAR DGN2200v4
NETGEAR DGN2200Bv4
NETGEAR R8000
NETGEAR R6400
NETGEAR R6400v2
NETGEAR XR300
NETGEAR R7000
NETGEAR R7900
NETGEAR R7960P
NETGEAR RAX200
NETGEAR RAX75
NETGEAR RAX80
NETGEAR RBS40V
NETGEAR EX7500
NETGEAR EX3700
NETGEAR EX6120
NETGEAR R8000P
NETGEAR D6220
NETGEAR D6400
NETGEAR WNDR3400v3
NETGEAR RS400 - Risk Level:
8.3 - Exploitability:
Unproven - Consequences:
Obtain Information
DESCRIPTION
NETGEAR devices could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Access Vector: Adjacent Network
- Access Complexity: Low
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: Low
- Remediation Level: Official Fix
MITIGATION
Refer to NETGEAR Security Advisory: PSV-2019-0272 for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://kb.netgear.com/000064759/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Extenders-PSV-2019-0272?article=000064759 - Reference Link:
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.