CVE-2019-20719

Published Apr 16, 2020

Last updated 5 years ago

CVSS medium 6.8

Overview

Description: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D8500 before 1.0.3.43, R6250 before 1.0.4.34, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R7000P before 1.4.1.30, R7100LG before 1.0.0.48, R7300DST before 1.0.0.68, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 5.9
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

CVSS 3.0

Type: Secondary
Base score: 6.8
Impact score: 5.9
Exploitability score: 0.9
Vector string: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5.2
Impact score: 6.4
Exploitability score: 5.1
Vector string: AV:A/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F36AC74-11DB-4805-9B73-302F86A8C240",
            "versionEndExcluding": "1.0.0.48"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E84B61C3-54CA-4127-AE6B-E63AB51E0C85",
            "versionEndExcluding": "1.0.0.82"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A0D49BA-4843-4F7E-984A-FF7BDF292F56",
            "versionEndExcluding": "1.0.0.52"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DF302FA-84AA-4863-B30F-7E4364CD098C",
            "versionEndExcluding": "1.0.3.43"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1DD1F7D-7556-4B95-A33F-E389948D20AA",
            "versionEndExcluding": "1.0.4.34"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF638167-B018-4140-B115-C65F387EFD77",
            "versionEndExcluding": "1.0.1.44"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91532716-831D-401C-8707-86785F0A4E16",
            "versionEndExcluding": "1.0.2.62"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11D86AD7-BC4F-4A99-9554-7819B4C33913",
            "versionEndExcluding": "1.4.1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B484FA9-17B9-4829-9152-83691EE6A9BB",
            "versionEndExcluding": "1.0.0.48"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
            "versionEndExcluding": "1.0.0.68"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "845CF217-8361-4D5B-811D-B9CEB68880CB",
            "versionEndExcluding": "1.0.3.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BBB7E16-D31C-49EA-9D82-D3BACED95441",
            "versionEndExcluding": "1.4.1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F",
            "versionEndExcluding": "1.0.4.28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6791754E-E5F9-42EA-AFDA-F93E8227A7C8",
            "versionEndExcluding": "1.4.1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD0AB065-3152-492B-A66D-2BCCA1E3B1DA",
            "versionEndExcluding": "1.0.2.128"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28EC6190-68BC-4D9A-9973-01935EB3472F",
            "versionEndExcluding": "1.0.2.128"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References