CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-8288

NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 72.0%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

http://kb.netgear.com/app/answers/detail/a_id/30560
http://www.kb.cert.org/vuls/id/778696
http://kb.netgear.com/app/answers/detail/a_id/30560
http://www.kb.cert.org/vuls/id/778696

Products affected by CVE-2015-8288

Netgear » D3600 » Version: N/A

cpe:2.3:h:netgear:d3600:-
Netgear » D6000 » Version: N/A

cpe:2.3:h:netgear:d6000:-
Netgear » D3600 Firmware » Version: 1.0.0.49

cpe:2.3:o:netgear:d3600_firmware:1.0.0.49
Netgear » D6000 Firmware » Version: N/A

cpe:2.3:o:netgear:d6000_firmware:-
Netgear » D6000 Firmware » Version: 1.0.0.49

cpe:2.3:o:netgear:d6000_firmware:1.0.0.49

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8288

Products

Pricing

Contact Us