First published: Fri Aug 28 2020(Updated: )
Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear Gs716tv2 Firmware | <=5.4.2.30 | |
Netgear Gs716t | =v2 | |
Netgear Gs724tv3 Firmware | <=5.4.2.30 | |
Netgear Gs724t | =v3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-5621.
The severity of CVE-2020-5621 is medium (4.3).
NETGEAR switching hubs GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier are affected by CVE-2020-5621.
Remote attackers can exploit CVE-2020-5621 by hijacking the authentication of administrators and altering the settings of the device through unspecified means.
To fix CVE-2020-5621, update the NETGEAR switching hubs to a version later than 5.4.2.30.