CVE-2020-35804

EUVD-2020-23459
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7800 before 1.0.1.58, R7800 before 1.0.2.74, R8900 before 1.0.5.18, R9000 before 1.0.5.18, and XR700 before 1.0.1.34.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitreCNA
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AC:L/AV:P/A:H/C:H/I:H/PR:N/S:C/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
netgeard7800_firmware
𝑥
< 1.0.1.58
netgearr7800_firmware
𝑥
< 1.0.2.74
netgearr8900_firmware
𝑥
< 1.0.5.18
netgearr9000_firmware
𝑥
< 1.0.5.18
netgearxr700_firmware
𝑥
< 1.0.1.34
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000062716/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2019-0254
https://kb.netgear.com/000062716/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2019-0254