First published: Thu Apr 16 2020(Updated: )
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects GS728TPPv2 before 6.0.0.48, GS728TPv2 before 6.0.0.48, GS750E before 1.0.1.4, GS752TPP before 6.0.0.48, and GS752TPv2 before 6.0.0.48.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear Gs728tpp Firmware | <6.0.0.48 | |
Netgear Gs728tpp | =v2 | |
Netgear Gs728tp Firmware | <6.0.0.48 | |
Netgear Gs728tp | =v2 | |
Netgear Gs750e Firmware | <1.0.1.4 | |
Netgear Gs750e | ||
Netgear Gs752tpp Firmware | <6.0.0.48 | |
Netgear Gs752tpp | ||
Netgear Gs752tp Firmware | <6.0.0.48 | |
Netgear Gs752tp | =v2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-20697 is a vulnerability that affects certain NETGEAR devices, allowing an unauthenticated attacker to execute a stack-based buffer overflow attack.
The following NETGEAR devices are affected by CVE-2019-20697: GS728TPPv2 before 6.0.0.48, GS728TPv2 before 6.0.0.48, GS750E before 1.0.1.4, GS752TPP before 6.0.0.48, and GS752TPv2 before 6.0.0.48.
CVE-2019-20697 has a severity score of 8.8 (high).
To fix the vulnerability CVE-2019-20697, you should update the affected NETGEAR devices to version 6.0.0.48 (for GS728TPPv2, GS728TPv2, and GS752TPP) or version 1.0.1.4 (for GS750E and GS752TPv2).
More information about CVE-2019-20697 can be found in the NETGEAR security advisory at: https://kb.netgear.com/000061232/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Switches-PSV-2019-0066