Remote Management Issue in NETGEAR Devices
CVE-2016-11057

7.5HIGH

Key Information:

Vendor: Netgear
Status: Jnr1010 Firmware
Vendor: CVE Published:; 28 April 2020

Summary

Certain NETGEAR devices are susceptible to a vulnerability that arises from the mishandling of repeated URL requests. This flaw could allow unauthorized access to remote management services, potentially compromising the security of the devices. It is crucial for users of JNR1010v2, WNR614, WNR618, JWNR2000v5, WNR2020, JWNR2010v5, WNR1000v4, WNR2020v2, R6220, and WNDR3700v5 to ensure that they update to the latest firmware versions released after January 6, 2017, to mitigate the risk associated with this vulnerability.

References

https://kb.netgear.com/29960/NETGEAR-Product-Vulnerabilit...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 28, 2020
Vulnerability Reserved
Apr 27, 2020