Access Control Vulnerability in NETGEAR RAX40 Router
CVE-2019-20641

8.8HIGH

Key Information:

Vendor: Netgear
Status: Rax40 Firmware
Vendor: CVE Published:; 15 April 2020

Summary

NETGEAR RAX40 routers prior to version 1.0.3.64 have a vulnerability that allows unauthorized access due to insufficient function-level access controls. This flaw can enable attackers to gain access to sensitive functions or data without proper authentication measures. It is essential for users to update their devices to the latest firmware version to mitigate this risk and enhance the security of their network.

References

https://kb.netgear.com/000061501/Security-Advisory-for-Mi...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 15, 2020
Vulnerability Reserved
Apr 15, 2020