First published: Thu Apr 16 2020(Updated: )
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear Gs105e Firmware | <1.6.0.4 | |
Netgear Gs105e | =v2 | |
Netgear Gs105pe Firmware | <1.6.0.4 | |
Netgear Gs105pe | ||
Netgear Gs408epp Firmware | <1.0.0.15 | |
Netgear Gs408epp | ||
Netgear Gs808e Firmware | <1.7.0.7 | |
NETGEAR GS808E | ||
Netgear Gs908e Firmware | <1.7.0.3 | |
Netgear Gs908e | ||
Netgear Gss108e Firmware | <1.6.0.4 | |
Netgear Gss108e | ||
Netgear Gss108epp Firmware | <1.0.0.15 | |
Netgear Gss108epp |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-20699.
GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.
The severity of CVE-2019-20699 is critical with a CVSS score of 9.8.
An unauthenticated attacker can exploit this vulnerability by performing a buffer overflow.
To fix CVE-2019-20699, you need to update your NETGEAR devices to the latest firmware version provided by NETGEAR.
You can find more information about this vulnerability in the security advisory published by NETGEAR.