CVE-2020-35799

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:netgear:wn2000rptv3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn2000rptv3:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:netgear:wn3100rpv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3100rpv2:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND
cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*

Configuration 46 (hide)

AND
cpe:2.3:o:netgear:xr450_firmware:2.3.2.32:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*

Configuration 47 (hide)

AND
cpe:2.3:o:netgear:xr500_firmware:2.3.2.32:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*

History

04 Jan 2021, 14:31

Type Values Removed Values Added
References (MISC) https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296 - (MISC) https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296 - Vendor Advisory
CPE cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:xr500_firmware:2.3.2.32:*:*:*:*:*:*:*
cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3100rpv2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:wn3100rpv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:xr450_firmware:2.3.2.32:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn2000rptv3:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:wn2000rptv3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
CWE CWE-787

30 Dec 2020, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2020-12-30 00:15

Updated : 2023-12-10 13:41


NVD link : CVE-2020-35799

Mitre link : CVE-2020-35799

CVE.ORG link : CVE-2020-35799


JSON object : View

Products Affected

netgear

  • dm200_firmware
  • r6220
  • rbs40_firmware
  • wn3100rpv2
  • rbr50
  • wnr2000v5
  • r6120_firmware
  • r6700v2_firmware
  • r7500v2
  • dm200
  • ex6400_firmware
  • ex6100v2
  • jr6150
  • r6230_firmware
  • xr450_firmware
  • r6220_firmware
  • rbk50
  • rbs20
  • wnr2020_firmware
  • pr2000
  • ex6100v2_firmware
  • r6230
  • r7500v2_firmware
  • wn3000rpv2
  • pr2000_firmware
  • rbk40_firmware
  • wn3000rpv2_firmware
  • ex6150v2
  • rbs20_firmware
  • r6700v2
  • rbk20_firmware
  • rbr20_firmware
  • d6200
  • rbr50_firmware
  • r7800_firmware
  • r6800_firmware
  • rbr40_firmware
  • wn3000rpv3
  • jr6150_firmware
  • ex6200v2
  • rbs50_firmware
  • ex6400
  • d6000
  • ex2700
  • d7800_firmware
  • r6020
  • d6200_firmware
  • r7800
  • d3600_firmware
  • rbk40
  • d3600
  • rbk50_firmware
  • ex8000
  • r9000_firmware
  • r8900_firmware
  • wnr2000v5_firmware
  • rbr40
  • r8900
  • wn3100rpv2_firmware
  • ex7300_firmware
  • r6260
  • ex7300
  • d7000
  • xr500
  • r6900v2_firmware
  • r6120
  • d6000_firmware
  • r6260_firmware
  • r6020_firmware
  • r9000
  • ex2700_firmware
  • wnr2020
  • xr450
  • xr500_firmware
  • wn3000rpv3_firmware
  • r6050
  • r6080_firmware
  • r6800
  • d7000_firmware
  • r6080
  • ex8000_firmware
  • rbs50
  • wn2000rptv3
  • ex6200v2_firmware
  • r6900v2
  • wn2000rptv3_firmware
  • r6050_firmware
  • ex6150v2_firmware
  • rbr20
  • d7800
  • rbk20
  • rbs40
CWE
CWE-787

Out-of-bounds Write