CVE Daily

CVE-2020-35801

Certain NETGEAR devices are affected by incorrect configuration of security sett...

High CVSS 8.3

Overview

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JGS516PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, JGS524PE before 2.6.0.48, and GS116Ev2 before 2.6.0.48. A TFTP server was found to be active by default. It allows remote authenticated users to update the switch firmware.

CWE: N/A Published: 2020-12-30T00:15:14.457
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.3 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags