Command Injection Vulnerability in NETGEAR Routers and Extenders
CVE-2019-20689

6.8MEDIUM

Key Information:

Vendor
Netgear
Status
D6000 Firmware
Vendor
CVE Published:
16 April 2020

Summary

Certain NETGEAR devices are susceptible to command injection if exploited by an authenticated user. This vulnerability is found in several models, allowing attackers to potentially execute arbitrary commands, putting network security at risk. Users should ensure their devices are updated to the latest firmware to mitigate this vulnerability.

References

https://kb.netgear.com/000061450/Security-Advisory-for-Po...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.