NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication (aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365).
oryginał ENCVSS Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HNetgear Dgn2200
HWNetgearv1Netgear Dgn2200 Firmware
OSNetgear< 1.0.0.60
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Powiązane podatności
CVE-2017-6077CRITICAL9.8⚠ KEVten sam produkt
ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execu...
CVE-2021-38516CRITICAL10.0ten sam produkt
Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 befor...
CVE-2019-17373CRITICAL9.8ten sam produkt
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending wi...
CVE-2016-5649CRITICAL9.8ten sam produkt
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, an...
CVE-2024-57046HIGH8.8ten sam produkt
A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized...