var-202012-1177
Vulnerability from variot
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4. plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1177", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "cbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.0.14", }, { model: "rbr840", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbs850", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbs750", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbk852", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbs840", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rax80", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.102", }, { model: "rbw30", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.1.4", }, { model: "rbs840v", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.1.4", }, { model: "rax75", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.102", }, { model: "rbk842", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbr750", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbr850", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbk752", scope: "lt", trust: 1, vendor: "netgear", version: "3.2.16.6", }, { model: "rbs750", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr850", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rax80", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr750", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rax75", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs850", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk852", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk752", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbw30", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "NVD", id: "CVE-2020-35802", }, ], }, cve: "CVE-2020-35802", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-35802", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-35802", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-014795", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-35802", trust: 1, value: "HIGH", }, { author: "cve@mitre.org", id: "CVE-2020-35802", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2020-35802", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202012-1767", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "CNNVD", id: "CNNVD-202012-1767", }, { db: "NVD", id: "CVE-2020-35802", }, { db: "NVD", id: "CVE-2020-35802", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4. plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained", sources: [ { db: "NVD", id: "CVE-2020-35802", }, { db: "JVNDB", id: "JVNDB-2020-014795", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-35802", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-014795", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202012-1767", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "CNNVD", id: "CNNVD-202012-1767", }, { db: "NVD", id: "CVE-2020-35802", }, ], }, id: "VAR-202012-1177", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.34430966500000004, }, last_update_date: "2024-11-23T22:58:05.584000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Sensitive Information Disclosure on Some Routers and WiFi Systems, PSV-2020-0331", trust: 0.8, url: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", }, { title: "Multiple Netgear Product information disclosure vulnerability repair measures", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138274", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "CNNVD", id: "CNNVD-202012-1767", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Lack of information (CWE-noinfo) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "NVD", id: "CVE-2020-35802", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://kb.netgear.com/000062720/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-wifi-systems-psv-2020-0331", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35802", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "CNNVD", id: "CNNVD-202012-1767", }, { db: "NVD", id: "CVE-2020-35802", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, { db: "CNNVD", id: "CNNVD-202012-1767", }, { db: "NVD", id: "CVE-2020-35802", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-31T00:00:00", db: "JVNDB", id: "JVNDB-2020-014795", }, { date: "2020-12-29T00:00:00", db: "CNNVD", id: "CNNVD-202012-1767", }, { date: "2020-12-30T00:15:14.517000", db: "NVD", id: "CVE-2020-35802", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-31T05:14:00", db: "JVNDB", id: "JVNDB-2020-014795", }, { date: "2021-01-05T00:00:00", db: "CNNVD", id: "CNNVD-202012-1767", }, { date: "2024-11-21T05:28:09.167000", db: "NVD", id: "CVE-2020-35802", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202012-1767", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2020-014795", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "information disclosure", sources: [ { db: "CNNVD", id: "CNNVD-202012-1767", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.