Security Vulnerabilities - CVEs Published In April 2020
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18.
CVSS Score
6.8
EPSS Score
0.003
Published
2020-04-23
In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages
CVSS Score
8.1
EPSS Score
0.001
Published
2020-04-23
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.
CVSS Score
6.8
EPSS Score
0.005
Published
2020-04-23
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-04-23
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-04-23
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-04-23
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-04-23
Certain NETGEAR devices are affected by unauthenticated firmware downgrade. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score
8.1
EPSS Score
0.003
Published
2020-04-23
Certain NETGEAR devices are affected by authentication bypass. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-04-23
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-04-23