CVE-2019-20691

Published Apr 16, 2020

Last updated 5 years ago

CVSS high 8.8

Overview

Description: Certain NETGEAR devices are affected by CSRF. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, and WN2500RPv2 before 1.0.1.54.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 8.3
Impact score: 5.5
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-352

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C8A5E09-861A-4C5F-8C0A-96803782E9EF",
            "versionEndExcluding": "1.0.0.72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C16A69-C930-4DA3-8750-EB50F2827731",
            "versionEndExcluding": "1.0.0.72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
            "versionEndExcluding": "1.0.0.70"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
            "versionEndExcluding": "1.0.0.70"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
            "versionEndExcluding": "1.0.0.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
            "versionEndExcluding": "1.0.2.24"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
            "versionEndExcluding": "1.0.0.40"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
            "versionEndExcluding": "1.0.0.22"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
            "versionEndExcluding": "1.0.0.42"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
            "versionEndExcluding": "1.0.3.88"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
            "versionEndExcluding": "1.0.0.66"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
            "versionEndExcluding": "1.0.1.54"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References