CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35228

A cross-site scripting (XSS) vulnerability in the administration web panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote attackers to inject arbitrary web script or HTML via the language parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.4%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/
https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/

Products affected by CVE-2020-35228

Netgear » Gs116e » Version: v2

cpe:2.3:h:netgear:gs116e:v2
Netgear » Jgs516pe » Version: N/A

cpe:2.3:h:netgear:jgs516pe:-
Netgear » Gs116e Firmware » Version: 2.6.0.43

cpe:2.3:o:netgear:gs116e_firmware:2.6.0.43
Netgear » Jgs516pe Firmware » Version: 2.6.0.43

cpe:2.3:o:netgear:jgs516pe_firmware:2.6.0.43

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35228

Products

Pricing

Contact Us