CVE-2020-35802

CWE-200Information Exposure3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 44.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Netgear Cbr40 FirmwareNetgear Rax75 FirmwareNetgear Rax80 Firmware+11 more
Timeline
PublishedDec 30
Latest updateMay 24

Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages14 packages

NVDnetgear/cbr40_firmware< 2.5.0.14
NVDnetgear/rax75_firmware< 1.0.3.102
NVDnetgear/rax80_firmware< 1.0.3.102
NVDnetgear/rbw30_firmware< 2.6.1.4
NVDnetgear/rbk752_firmware< 3.2.16.6

🔴Vulnerability Details

2
GHSA
GHSA-mf95-74qr-37vw: Certain NETGEAR devices are affected by disclosure of sensitive information2022-05-24
CVEList
CVE-2020-35802: Certain NETGEAR devices are affected by disclosure of sensitive information2020-12-29
CVE-2020-35802 (HIGH CVSS 7.5) | Certain NETGEAR devices are affecte | cvebase.io