CVE-2020-13245 Information

Description

Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10 and possibly R6120 R7800 R6220 R8000 R6350 R9000 R6400 RAX120 R6400v2 RBR20 R6800 XR300 R6850 XR500 and R7000P.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

https://iot-lab-fh-ooe.github.io/netgear_update_vulnerability/ https://www.netgear.com/about/security/

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

5.9