Vulnerability Details CVE-2020-5621
Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.3%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
- http://jvn.jp/en/jp/JVN29903998/index.html
- https://jvn.jp/en/jp/JVN29903998/index.html
- https://www.netgear.com/support/product/gs716Tv2.aspx
- https://www.netgear.com/support/product/gs724tv3.aspx
- http://jvn.jp/en/jp/JVN29903998/index.html
- https://jvn.jp/en/jp/JVN29903998/index.html
- https://www.netgear.com/support/product/gs716Tv2.aspx
- https://www.netgear.com/support/product/gs724tv3.aspx
Products affected by CVE-2020-5621
-
cpe:2.3:h:netgear:gs716t:v2
-
cpe:2.3:h:netgear:gs724t:v3
-
cpe:2.3:o:netgear:gs716tv2_firmware:5.4.2.30
-
cpe:2.3:o:netgear:gs724tv3_firmware:5.4.2.30