CVE-2019-20695

EUVD-2019-11234
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 before 2.3.5.106, SRR60 before 2.3.5.106, and SRS60 before 2.3.5.106.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
9.4 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AC:L/AV:N/A:L/C:H/I:H/PR:N/S:U/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
netgearsrk60_firmware
𝑥
< 2.3.5.106
netgearsrr60_firmware
𝑥
< 2.3.5.106
netgearsrs60_firmware
𝑥
< 2.3.5.106
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000061234/Security-Advisory-for-Sensitive-Information-Disclosure-on-Orbi-Pro-WiFi-System-PSV-2019-0158
https://kb.netgear.com/000061234/Security-Advisory-for-Sensitive-Information-Disclosure-on-Orbi-Pro-WiFi-System-PSV-2019-0158