CVE-2020-35804

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7800 before 1.0.1.58, R7800 before 1.0.2.74, R8900 before 1.0.5.18, R9000 before 1.0.5.18, and XR700 before 1.0.1.34.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitreCNA
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AC:L/AV:P/A:H/C:H/I:H/PR:N/S:C/UI:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
netgeard7800_firmware
𝑥
< 1.0.1.58
netgearr7800_firmware
𝑥
< 1.0.2.74
netgearr8900_firmware
𝑥
< 1.0.5.18
netgearr9000_firmware
𝑥
< 1.0.5.18
netgearxr700_firmware
𝑥
< 1.0.1.34
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000062716/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2019-0254
https://kb.netgear.com/000062716/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2019-0254