First published: Wed Mar 10 2021(Updated: )
The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a denial of service attack.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear Gs116e Firmware | =2.6.0.43 | |
Netgear Gs116e | =v2 | |
Netgear Jgs516pe Firmware | =2.6.0.43 | |
NETGEAR JGS516PE |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-35233 is a vulnerability that affects NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, allowing external attackers to force device reboots through a denial of service attack.
The severity of CVE-2020-35233 is medium, with a severity score of 6.5.
NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices are affected by CVE-2020-35233.
CVE-2020-35233 allows external attackers to force device reboots by sending concurrent connections to the vulnerable TFTP server.
You can find more information about CVE-2020-35233 at the following URL: [https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/](https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/)