8.8
CVE-2019-20656
- EPSS 0.43%
- Veröffentlicht 15.04.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 04:38:59
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.24, JR6150 before 1.0.1.24, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6230 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, and WNR2020 before 1.1.0.62.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netgear ≫ D6200 Firmware Version < 1.1.00.36
Netgear ≫ D7000 Firmware Version < 1.0.1.74
Netgear ≫ Pr2000 Firmware Version < 1.0.0.30
Netgear ≫ R6020 Firmware Version < 1.0.0.42
Netgear ≫ R6080 Firmware Version < 1.0.0.42
Netgear ≫ R6050 Firmware Version < 1.0.1.24
Netgear ≫ Jr6150 Firmware Version < 1.0.1.24
Netgear ≫ R6120 Firmware Version < 1.0.0.48
Netgear ≫ R6220 Firmware Version < 1.1.0.86
Netgear ≫ R6230 Firmware Version < 1.1.0.86
Netgear ≫ R6260 Firmware Version < 1.1.0.64
Netgear ≫ R6700 Firmware Version < 1.2.0.62
Netgear ≫ R6800 Firmware Version < 1.2.0.62
Netgear ≫ R6900 Firmware Version < 1.2.0.62
Netgear ≫ Wnr2020 Firmware Version < 1.1.0.62
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.615 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:N
|
| cve@mitre.org | 6.4 | 1.2 | 5.2 |
CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.