CVE-2020-35795

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.6%
top 31.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
77
Netgear Ac2100 FirmwareNetgear Ac2400 FirmwareNetgear Ac2600 Firmware+74 more
Timeline
PublishedDec 30
Latest updateMay 24

Description

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76,

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages77 packages

NVDnetgear/r6900p_firmware< 1.3.2.124
NVDnetgear/r7000p_firmware< 1.3.2.124
NVDnetgear/r7900p_firmware< 1.4.1.62
NVDnetgear/r8000p_firmware< 1.4.1.62
NVDnetgear/rax200_firmware< 1.0.2.102

🔴Vulnerability Details

2
GHSA
GHSA-37xm-62j3-375v: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker2022-05-24
CVEList
CVE-2020-35795: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker2020-12-29
CVE-2020-35795 (CRITICAL CVSS 9.8) | Certain NETGEAR devices are affecte | cvebase.io