Vulnerability Name:

CCN-259168

Published:2023-06-28
Updated:2023-06-28
Summary:Multiple NETGEAR products could provide weaker than expected security, caused by a security misconfiguration security vulnerability. A local attacker could exploit this vulnerability to launch further attacks on the system
CVSS v3 Severity:6.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)
5.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Partial
Availibility (A): None
Vulnerability Consequences:Gain Access
References:Source: XF
Type: UNKNOWN
netgear-multipleproducts-weak-security(259168)

Source: CCN
Type: NETGEAR Security Advisory: PSV-2022-0010
Security Advisory for Security Misconfiguration on Some Routers and WiFi Systems

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/h:netgear:rbr750:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbk842:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbr840:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbs840:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbk852:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbs850:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:mk62:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:ms60:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbk752:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbs750:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:r6700:v3:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax45:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax50:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:mr60:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:cbr750:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax43:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax40:v2:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax35:v2:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:mr80:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:ms80:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax42:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax38v2:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:raxe500:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:raxe450:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:cax80:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax48:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rax50s:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbre960:-:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:rbse960:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    netgear rbr750 -
    netgear rbk842 -
    netgear rbr840 -
    netgear rbs840 -
    netgear rbk852 -
    netgear rbs850 -
    netgear mk62 -
    netgear ms60 -
    netgear rbk752 -
    netgear rbs750 -
    netgear r6700 v3
    netgear rax45 -
    netgear rax50 -
    netgear mr60 -
    netgear cbr750 -
    netgear rax43 -
    netgear rax40 v2
    netgear rax35 v2
    netgear mr80 -
    netgear ms80 -
    netgear rax42 -
    netgear rax38v2 -
    netgear raxe500 -
    netgear raxe450 -
    netgear cax80 -
    netgear rax48 -
    netgear rax50s -
    netgear rbre960 -
    netgear rbse960 -