CVE Vulnerability

CVE-2019-20690

Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.30, D7000 before 1.0.1.66, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.68, WNR2020 before 1.1.0.54, and WNR614 before 1.1.0.54.

5.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 6.5 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://kb.netgear.com/000061449/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Gateways-PSV-2018-0073 Vendor Advisory
Configurations

Configuration 1
Information

Published : 2020-04-16 07:15

Updated : 2020-08-24 05:37

NVD link : CVE-2019-20690

Mitre link : CVE-2019-20690

Products Affected

Netgear

Wnr614 Firmware

CWE
NVD-CWE-noinfo