Vulnerability Description
On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having network connectivity to the web-administration panel can access part of the web panel, bypassing authentication.
CVSS Score
2.7
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Gs728Tps Firmware | < 5.3.0.36 |
| Netgear | Gs728Tps | - |
References
- https://kb.netgear.com/000061738/Security-Advisory-for-Missing-Function-Level-AcVendor Advisory
- https://kb.netgear.com/000061738/Security-Advisory-for-Missing-Function-Level-AcVendor Advisory
FAQ
What is CVE-2019-19964?
CVE-2019-19964 is a vulnerability with a CVSS score of 2.7 (LOW). On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having network connectivity to the web-administration panel can access part of the web panel, bypassing authentication.
How severe is CVE-2019-19964?
CVE-2019-19964 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-19964?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Gs728Tps Firmware, Netgear Gs728Tps.