CVE-2020-35778 — MEDIUM (4.3)

Q: What is CVE-2020-35778?

CVE-2020-35778 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Certain NETGEAR devices are affected by CSRF. This affects GS716Tv3 before 6.3.1.36 and GS724Tv4 before 6.3.1.36.

Q: How severe is CVE-2020-35778?

CVE-2020-35778 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-35778?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Gs716T Firmware, Netgear Gs716T, Netgear Gs724T Firmware, Netgear Gs724T.

Vulnerability Description

Certain NETGEAR devices are affected by CSRF. This affects GS716Tv3 before 6.3.1.36 and GS724Tv4 before 6.3.1.36.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Netgear	Gs716T Firmware	< 6.3.1.36
Netgear	Gs716T	v3
Netgear	Gs724T Firmware	< 6.3.1.36
Netgear	Gs724T	v4

Related Weaknesses (CWE)

CWE-352

References

https://kb.netgear.com/000062721/Security-Advisory-for-Cross-Site-Request-ForgerVendor Advisory
https://kb.netgear.com/000062721/Security-Advisory-for-Cross-Site-Request-ForgerVendor Advisory

FAQ

What is CVE-2020-35778?

CVE-2020-35778 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Certain NETGEAR devices are affected by CSRF. This affects GS716Tv3 before 6.3.1.36 and GS724Tv4 before 6.3.1.36.

How severe is CVE-2020-35778?

CVE-2020-35778 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-35778?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Gs716T Firmware, Netgear Gs716T, Netgear Gs724T Firmware, Netgear Gs724T.