CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35225

The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of service attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.7%

CVSS Severity

CVSS v3 Score 6.8

CVSS v2 Score 5.2

References

https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/
https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/

Products affected by CVE-2020-35225

Netgear » Gs116e » Version: v2

cpe:2.3:h:netgear:gs116e:v2
Netgear » Jgs516pe » Version: N/A

cpe:2.3:h:netgear:jgs516pe:-
Netgear » Gs116e Firmware » Version: 2.6.0.43

cpe:2.3:o:netgear:gs116e_firmware:2.6.0.43
Netgear » Jgs516pe Firmware » Version: 2.6.0.43

cpe:2.3:o:netgear:jgs516pe_firmware:2.6.0.43

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35225

Products

Pricing

Contact Us