CVE-2019-20681

Published Apr 15, 2020

Last updated 3 years ago

CVSS high 8.8

Overview

Description: Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6050 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, and R6900v2 before 1.2.0.36.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 7.1
Impact score: 4.2
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FCEBCD7-1D0D-47F6-BC72-A53BFBF3662D",
            "versionEndExcluding": "1.1.00.34"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D127F467-E2D0-462C-B9E1-458CFFFAC062",
            "versionEndExcluding": "1.0.1.68"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
            "versionEndExcluding": "1.0.1.18"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50E2E26A-200E-4D00-9657-034EACE3944F",
            "versionEndExcluding": "1.0.0.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
            "versionEndExcluding": "1.0.1.18"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92F53D21-C688-4477-815D-EFFF08F7D085",
            "versionEndExcluding": "1.0.0.46"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "220EBC67-69DA-43D6-8B09-EBEEEF29679D",
            "versionEndExcluding": "1.1.0.80"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16D72B7A-0707-428F-A9AE-5899EBF4BBA0",
            "versionEndExcluding": "1.1.0.64"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3C395D49-57F9-4BC1-8619-57127355B86B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A4FB8A1-D380-4234-88EB-91BFF6D215C7",
            "versionEndExcluding": "1.2.0.36"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C39CE79-6433-47E2-A439-9AB1DFBD843C",
            "versionEndExcluding": "1.2.0.36"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB6992BA-B0F5-4E00-84F4-0B0336910AFA",
            "versionEndExcluding": "1.2.0.36"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References