{ "id": "CVE-2020-13245", "sourceIdentifier": "cve@mitre.org", "published": "2020-05-28T19:15:10.830", "lastModified": "2020-05-29T19:05:18.463", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P." }, { "lang": "es", "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una falta de comprobaci\u00f3n del certificado SSL. Esto afecta a R7000 versiones 1.0.9.6_1.2.19 hasta 1.0.11.100_10.2.10, y posiblemente a R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500 y R7000P." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.2, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-295" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "564A93D7-7E58-49AB-8C3C-6DD889CC55F6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", "matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "2FB936E4-0C1E-4030-B01A-5995DEC7CC69" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", "matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "EA36C0FA-64FA-4D7D-8E05-5C9DB444FD75" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B302909-29CF-4E53-9CCB-8664D3FCB03A" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "046FEBD8-BFA0-42EC-8549-629A87F812AD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "046FEBD8-BFA0-42EC-8549-629A87F812AD" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "83EAF917-6EAC-4812-9A73-33171F0FCA9B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "C1C062A3-4586-488F-A297-2F4A35E79414" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*", "matchCriteriaId": "598B48C5-4706-4431-8C5A-DA496DD1052F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "25BF9DB3-8F6E-474D-A41E-654FEE84F46A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "BBAC8B95-4753-4D4B-91E1-A45E74F854D5" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "06D5473F-42E2-498A-ACD9-A0541FCC6E78" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "4EE4FF13-CB32-424F-AAB3-D244E774C5C2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "7AFF41D3-8423-40A5-8C74-EA8342543F65" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", "matchCriteriaId": "1742BD56-84E4-40E1-8C04-098B3715161E" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "7B52D987-0770-437B-BADD-B848CEC9BB31" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "E20F0919-D53E-4E78-B826-A58F46023FD2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", "matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "versionStartIncluding": "v1.0.9.6_1.2.19", "versionEndIncluding": "v1.0.11.100_10.2.100", "matchCriteriaId": "9A6EFE8E-B700-4367-A1D9-5301B22F94DE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C" } ] } ] } ], "references": [ { "url": "https://iot-lab-fh-ooe.github.io/netgear_update_vulnerability/", "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ] }, { "url": "https://www.netgear.com/about/security/", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }