CVE-2019-20734

Published Apr 16, 2020
Last updated 5 years ago
CVSS high 8.8
Overview

Description: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 3.0

Type: Secondary
Base score: 8.2
Impact score: 6
Exploitability score: 1.6
Vector string: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 6.4
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-120
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
            "versionEndExcluding": "1.0.0.40"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
            "versionEndExcluding": "1.0.3.39"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
            "versionEndExcluding": "1.0.0.70"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
            "versionEndExcluding": "1.0.0.70"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
            "versionEndExcluding": "1.0.0.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
            "versionEndExcluding": "1.0.2.22"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
            "versionEndExcluding": "1.0.0.40"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
            "versionEndExcluding": "1.0.0.22"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
            "versionEndExcluding": "1.0.0.42"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
            "versionEndExcluding": "1.0.3.88"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
            "versionEndExcluding": "1.0.0.66"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
            "versionEndExcluding": "1.0.4.18"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29EA60BF-FBA6-4305-8173-07130A527410",
            "versionEndExcluding": "1.0.1.24"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB7B08B9-07D2-4404-846A-D1CA02C16557",
            "versionEndExcluding": "1.0.2.32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C3255EE-BBE5-4EBE-92CC-D0C6E6D8563F",
            "versionEndExcluding": "1.0.1.22"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A080293F-248B-4A42-8EF3-C890AEDE2462",
            "versionEndExcluding": "1.0.2.32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24E4CE14-4FC5-4F73-BFC8-F0B0D924F788",
            "versionEndExcluding": "1.0.1.22"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
            "versionEndExcluding": "1.0.9.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E9EF43B-2542-44CE-A1D6-DECCCFBC1F5F",
            "versionEndExcluding": "1.0.0.56"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADFE7176-BD34-467C-A167-E869E04A8E97",
            "versionEndExcluding": "1.0.0.56"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3D808FE-AA8D-40DF-B838-4853EB8911E7",
            "versionEndExcluding": "1.0.0.42"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0EE8EBA-C4CD-4CA1-A684-54338B1254A9",
            "versionEndExcluding": "1.0.0.54"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
            "versionEndExcluding": "1.0.1.26"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
            "versionEndExcluding": "1.0.2.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
            "versionEndExcluding": "1.0.2.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
            "versionEndExcluding": "1.0.1.54"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
            "versionEndExcluding": "1.2.0.46"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
