CVE-2019-20658 — MEDIUM (6.5)

Q: How severe is CVE-2019-20658?

CVE-2019-20658 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-20658?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Fs728Tlp Firmware, Netgear Fs728Tlp, Netgear Gs105E Firmware, Netgear Gs105E, Netgear Gs105Pe Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS810EMX before 1.7.1.1, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, GSS108EPP before 1.0.0.15, GSS116E before 1.6.0.9, JGS516PE before 2.6.0.35, JGS524Ev2 before 2.6.0.35, JGS524PE before 2.6.0.35, XS512EM before 1.0.1.1, XS708Ev2 before 1.6.0.23, XS716E before 1.6.0.23, and XS724EM before 1.0.1.1.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Netgear	Fs728Tlp Firmware	< 1.0.1.26
Netgear	Fs728Tlp	-
Netgear	Gs105E Firmware	< 1.6.0.4
Netgear	Gs105E	v2
Netgear	Gs105Pe Firmware	< 1.6.0.4
Netgear	Gs105Pe	-
Netgear	Gs108E Firmware	< 2.06.08
Netgear	Gs108E	v3
Netgear	Gs108Pe Firmware	< 2.06.08
Netgear	Gs108Pe	v3
Netgear	Gs110Emx Firmware	< 1.0.1.4
Netgear	Gs110Emx	-
Netgear	Gs116E Firmware	< 2.6.0.35
Netgear	Gs116E	v2
Netgear	Gs408Epp Firmware	< 1.0.0.15
Netgear	Gs408Epp	-
Netgear	Gs808E Firmware	< 1.7.0.7
Netgear	Gs808E	-
Netgear	Gs810Emx Firmware	< 1.7.1.1
Netgear	Gs810Emx	-

References

https://kb.netgear.com/000061481/Security-Advisory-for-Sensitive-Information-DisVendor Advisory
https://kb.netgear.com/000061481/Security-Advisory-for-Sensitive-Information-DisVendor Advisory

FAQ

What is CVE-2019-20658?

CVE-2019-20658 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Certain NETGEAR devices are affected by disclosure of sensitive information. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 ...

How severe is CVE-2019-20658?

CVE-2019-20658 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-20658?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Fs728Tlp Firmware, Netgear Fs728Tlp, Netgear Gs105E Firmware, Netgear Gs105E, Netgear Gs105Pe Firmware.