CVE-2019-20717

Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, SRK60 before 2.2.1.210, SRR60 before 2.2.1.210, SRS60 before 2.2.1.210, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, and WNDR4500v3 before 1.0.0.58.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AC:L/AV:A/A:L/C:N/I:N/PR:N/S:U/UI:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
netgeard3600_firmware
𝑥
< 1.0.0.75
netgeard6000_firmware
𝑥
< 1.0.0.75
netgeard7800_firmware
𝑥
< 1.0.1.44
netgearex2700_firmware
𝑥
< 1.0.1.52
netgearex6200_firmware
𝑥
< 1.0.1.74
netgearex8000_firmware
𝑥
< 1.0.1.180
netgearr7500_firmware
𝑥
< 1.0.3.38
netgearr7800_firmware
𝑥
< 1.0.2.58
netgearrbk20_firmware
𝑥
< 2.3.0.28
netgearrbr20_firmware
𝑥
< 2.3.0.28
netgearrbs20_firmware
𝑥
< 2.3.0.28
netgearrbk50_firmware
𝑥
< 2.3.0.32
netgearrbr50_firmware
𝑥
< 2.3.0.32
netgearrbs50_firmware
𝑥
< 2.3.0.32
netgearrbs40_firmware
𝑥
< 2.3.0.28
netgearsrk60_firmware
𝑥
< 2.2.1.210
netgearsrr60_firmware
𝑥
< 2.2.1.210
netgearsrs60_firmware
𝑥
< 2.2.1.210
netgearwn2000rpt_firmware
𝑥
< 1.0.1.34
netgearwn3000rp_firmware
𝑥
< 1.0.0.68
netgearwn3000rp_firmware
𝑥
< 1.0.2.70
netgearwn3100rp_firmware
𝑥
< 1.0.0.60
netgearwndr4300_firmware
𝑥
< 1.0.0.58
netgearwndr4500_firmware
𝑥
< 1.0.0.58
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000061211/Security-Advisory-for-Denial-of-Service-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0225
https://kb.netgear.com/000061211/Security-Advisory-for-Denial-of-Service-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0225