CVE-2020-13245

Published May 28, 2020
Last updated 3 months ago
CVSS medium 5.9
Overview

Description: Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-295
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "564A93D7-7E58-49AB-8C3C-6DD889CC55F6",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FB936E4-0C1E-4030-B01A-5995DEC7CC69",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA36C0FA-64FA-4D7D-8E05-5C9DB444FD75",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B302909-29CF-4E53-9CCB-8664D3FCB03A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "046FEBD8-BFA0-42EC-8549-629A87F812AD",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "046FEBD8-BFA0-42EC-8549-629A87F812AD",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83EAF917-6EAC-4812-9A73-33171F0FCA9B",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1C062A3-4586-488F-A297-2F4A35E79414",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "598B48C5-4706-4431-8C5A-DA496DD1052F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25BF9DB3-8F6E-474D-A41E-654FEE84F46A",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBAC8B95-4753-4D4B-91E1-A45E74F854D5",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06D5473F-42E2-498A-ACD9-A0541FCC6E78",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EE4FF13-CB32-424F-AAB3-D244E774C5C2",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AFF41D3-8423-40A5-8C74-EA8342543F65",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1742BD56-84E4-40E1-8C04-098B3715161E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B52D987-0770-437B-BADD-B848CEC9BB31",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E20F0919-D53E-4E78-B826-A58F46023FD2",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A6EFE8E-B700-4367-A1D9-5301B22F94DE",
            "versionEndIncluding": "v1.0.11.100_10.2.100",
            "versionStartIncluding": "v1.0.9.6_1.2.19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
