{"uuid": "ad7e1da2-a06b-40f3-a31f-a700c6661438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26919", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2861", "content": "#Hardware_Security\nMultiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE/GS116Ev2 Switches (PoCs)\nhttps://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches\n// - Unauthenticated RCE (CVE-2020-26919)\n- NSDP Auth Bypass (CVE-2020-35231)\n- Unauth Firmware Upd Mechanism (CVE-2020-35220)\n- TFTP Ineffective Firmware Checks (CVE-2020-35232)\n- Unauth BoF (CVE-2020-35224)\n- Insecure Password Hashing Mechanism (CVE-2020-35221)\n- Authentication Token Reuse (CVE-2020-35229)\n- Stored XSS in Language Settings (CVE-2020-35228)\n- Buffer Overflow in IP Source Params (CVE-2020-35227)\n- Unauthenticated Write Access to DHCP Configuration (CVE-2020-35226)\n- Unauthenticated Access to Switch Configuration Parameters (CVE-2020-35222)\n- TFTP Unexpected Behaviours (CVE-2020-35233)\n- Multiple Integer Overflow Instances (CVE-2020-35230)\n- Multiple Write Commands BoF (CVE-2020-35225)\n- Ineffective CSRF Protections (CVE-2020-35223)", "creation_timestamp": "2024-10-09T19:00:25.000000Z"}