Access Control Vulnerability in NETGEAR Router Products
CVE-2020-26911

8.3HIGH

Key Information:

Vendor: Netgear
Status: D6200 Firmware
Vendor: CVE Published:; 9 October 2020

What is CVE-2020-26911?

Certain NETGEAR router models are susceptible to an access control issue at the function level. This flaw may allow unauthorized users to potentially gain access to sensitive functionalities, posing a risk to the security of the device and the network they manage. Devices including D6200, D7000, JR6150, and several others are affected if they run specific versions prior to their respective updates, emphasizing the importance of maintaining up-to-date firmware.

References

https://kb.netgear.com/000062342/Security-Advisory-for-Mi...

x_refsource_MISC

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 9, 2020
Vulnerability Reserved
Oct 9, 2020

Netgear

What is CVE-2020-26911?

References

CVSS V3.1

Timeline