CVE-2019-20695

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 before 2.3.5.106, SRR60 before 2.3.5.106, and SRS60 before 2.3.5.106.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
9.4 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AC:L/AV:N/A:L/C:H/I:H/PR:N/S:U/UI:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
netgearsrk60_firmware
𝑥
< 2.3.5.106
netgearsrr60_firmware
𝑥
< 2.3.5.106
netgearsrs60_firmware
𝑥
< 2.3.5.106
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000061234/Security-Advisory-for-Sensitive-Information-Disclosure-on-Orbi-Pro-WiFi-System-PSV-2019-0158
https://kb.netgear.com/000061234/Security-Advisory-for-Sensitive-Information-Disclosure-on-Orbi-Pro-WiFi-System-PSV-2019-0158