5.9
CVE-2015-8288
- EPSS 0.75%
- Veröffentlicht 20.06.2016 01:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cret@cert.org
- Teams Watchlist Login
- Unerledigt Login
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netgear ≫ D3600 Firmware Version1.0.0.49
Netgear ≫ D6000 Firmware Version <= 1.0.0.49
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.75% | 0.707 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|