MEDIUM · 6.5

CVE-2020-17409

Vulnerability Description

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10754.

CVSS Score

6.5 MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: NONE
Availability: NONE

Affected Products

Vendor | Product | Versions
Netgear | R6020 Firmware | < 1.0.0.44
Netgear | R6020 | -
Netgear | R6080 Firmware | < 1.0.0.44
Netgear | R6080 | -
Netgear | R6120 Firmware | < 1.0.0.70
Netgear | R6120 | -
Netgear | R6220 Firmware | < 1.1.0.100
Netgear | R6220 | -
Netgear | R6230 Firmware | < 1.1.0.100
Netgear | R6230 | -
Netgear | R6260 Firmware | < 1.1.0.76
Netgear | R6260 | -
Netgear | R6330 Firmware | < 1.1.0.76
Netgear | R6330 | -
Netgear | R6350 Firmware | < 1.1.0.76
Netgear | R6350 | -
Netgear | R6850 Firmware | < 1.1.0.76
Netgear | R6850 | -
Netgear | Jnr3210 Firmware | -
Netgear | Jnr3210 | -

Related Weaknesses (CWE)

References

FAQ

What is CVE-2020-17409?

CVE-2020-17409 is a vulnerability with a CVSS score of 6.5 (MEDIUM).

How severe is CVE-2020-17409?

CVE-2020-17409 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2020-17409?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear R6020 Firmware, Netgear R6020, Netgear R6080 Firmware, Netgear R6080, Netgear R6120 Firmware.