CVE-2020-5621
Summary
| CVE | CVE-2020-5621 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-08-28 05:15:00 UTC |
| Updated | 2020-09-04 16:23:00 UTC |
| Description | Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors. |
Risk And Classification
Problem Types: CWE-352
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netgear | Gs716t | v2 | All | All | All |
| Hardware | Netgear | Gs716t | v2 | All | All | All |
| Operating System | Netgear | Gs716tv2 Firmware | All | All | All | All |
| Hardware | Netgear | Gs724t | v3 | All | All | All |
| Hardware | Netgear | Gs724t | v3 | All | All | All |
| Operating System | Netgear | Gs724tv3 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| JVN#29903998: Multiple NETGEAR switching hubs vulnerable to cross-site request forgery | JVN | jvn.jp | Third Party Advisory |
| GS716Tv2 | Product | Support | NETGEAR | MISC | www.netgear.com | Patch, Vendor Advisory |
| JVN#29903998: Multiple NETGEAR switching hubs vulnerable to cross-site request forgery | MISC | jvn.jp | Third Party Advisory |
| GS724Tv3 | Product | Support | NETGEAR | MISC | www.netgear.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.