7.7
CVE-2020-27867
- EPSS 0.13%
- Published 12.02.2021 00:15:12
- Last modified 21.11.2024 05:21:57
- Source zdi-disclosures@trendmicro.com
- Teams watchlist Login
- Open Login
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. When parsing the funjsq_access_token parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11653.
Data is provided by the National Vulnerability Database (NVD)
Netgear ≫ Ac2100 Firmware Version < 1.2.0.76
Netgear ≫ Ac2400 Firmware Version < 1.2.0.76
Netgear ≫ Ac2600 Firmware Version < 1.2.0.76
Netgear ≫ R6700 Firmware Version < 1.2.0.76
Netgear ≫ R6800 Firmware Version < 1.2.0.76
Netgear ≫ R6900 Firmware Version < 1.2.0.76
Netgear ≫ R7200 Firmware Version < 1.2.0.76
Netgear ≫ R7350 Firmware Version < 1.2.0.76
Netgear ≫ R7400 Firmware Version < 1.2.0.76
Netgear ≫ R7450 Firmware Version < 1.2.0.76
Netgear ≫ R6220 Firmware Version < 1.1.0.104
Netgear ≫ R6230 Firmware Version < 1.1.0.104
Netgear ≫ R6260 Firmware Version < 1.1.0.78
Netgear ≫ R6330 Firmware Version < 1.1.0.78
Netgear ≫ R6350 Firmware Version < 1.1.0.78
Netgear ≫ R6850 Firmware Version < 1.1.0.78
Netgear ≫ R6120 Firmware Version < 1.0.0.76
Netgear ≫ R6020 Firmware Version < 1.0.0.48
Netgear ≫ R6080 Firmware Version < 1.0.0.48
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.336 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.7 | 5.1 | 10 |
AV:A/AC:L/Au:S/C:C/I:C/A:C
|
| zdi-disclosures@trendmicro.com | 6.8 | 0.9 | 5.9 |
CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.