CVE-2020-14436

Published Jun 18, 2020

Last updated 3 years ago

CVSS high 8.8

Overview

Description: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 9.6
Impact score: 6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 6.4
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-77

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE271234-71E6-4F3A-8F39-DA86D1275331",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A45832BD-114D-42F1-B9F1-7532496D30A6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "436BED04-0FD2-499B-9D42-F9E0AAA6CB97",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F35DDDEC-A64B-400E-ABF8-E13F432BD261",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "192647CA-5BFC-4021-A91D-7CB8761FA137"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "905C4D26-8575-429C-B1D2-FC35C773B129",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F60A549C-0D76-4A83-BBCD-C1D04075809B",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7300226F-8997-4142-8DAC-682F0E313072",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14F257FE-31CE-4F74-829D-29407D74ADF7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A553C5A2-EB80-4314-A623-8F489A4E74E2",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4479CEAD-3B87-4993-80C8-1AE59242CFA4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86A9DFB9-8429-45DB-84E8-30F37535145E",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D92E4C8E-222A-476C-8273-F7171FC61F0B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4FC4E2F-711C-432A-91FE-27CB1EE41A33",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "221CA950-E984-44CD-9E1B-3AADE3CEBE52"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E9B19B2-5FF1-4C85-8504-C33C34F072B1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D19A1E4D-30F2-4263-B4BE-273EED14702E",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4489CB05-A1C0-408C-8D8C-56EE98CA20E8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44ED0285-F862-44B9-B0EE-C2FDC42706A2",
            "versionEndExcluding": "3.2.15.25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "84AEA27B-8BEA-4E83-819A-FDAC1881928F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References