CVE-2020-35787

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
8.0HIGH
EPSS
0.1%
top 66.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
26
Netgear D3600 FirmwareNetgear D6000 FirmwareNetgear D6200 Firmware+23 more
Timeline
PublishedDec 30
Latest updateMay 24

Description

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages26 packages

NVDnetgear/r6900p_firmware< 1.3.1.64
NVDnetgear/r7000p_firmware< 1.3.1.64
NVDnetgear/d3600_firmware< 1.0.0.76
NVDnetgear/d6000_firmware< 1.0.0.76
NVDnetgear/d6200_firmware< 1.1.00.36

🔴Vulnerability Details

2
GHSA
GHSA-6gcw-7qx9-8vhw: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user2022-05-24
CVEList
CVE-2020-35787: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user2020-12-29
CVE-2020-35787 (HIGH CVSS 8) | Certain NETGEAR devices are affecte | cvebase.io