| Vulnerability Name: | CVE-2020-35224 (CCN-198037) | ||||||||||||
| Assigned: | 2020-12-13 | ||||||||||||
| Published: | 2021-03-08 | ||||||||||||
| Updated: | 2021-03-15 | ||||||||||||
| Summary: | A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot. | ||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 6.1 Medium (CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-120 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-35224 Source: CCN Type: NETGEAR Web site NETGEAR: Networking Products Made For You Source: XF Type: UNKNOWN netgear-cve202035224-bo(198037) Source: CCN Type: NCC Group Web site Multiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE / GS116Ev2 Switches Source: MISC Type: Vendor Advisory https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/ | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||