1. Home
  2. CVE Database
  3. CVE-2020-35784
MEDIUM · 6.2

CVE-2020-35784

Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2....

Vulnerability Description

Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2.6.0.48.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
NetgearJgs516Pe Firmware< 2.6.0.48
NetgearJgs516Pe-
NetgearJgs524E Firmware< 2.6.0.48
NetgearJgs524Ev2
NetgearJgs524Pe Firmware< 2.6.0.48
NetgearJgs524Pe-
NetgearGs116E Firmware< 2.6.0.48
NetgearGs116Ev2

References

FAQ

What is CVE-2020-35784?

CVE-2020-35784 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2....

How severe is CVE-2020-35784?

CVE-2020-35784 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-35784?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Jgs516Pe Firmware, Netgear Jgs516Pe, Netgear Jgs524E Firmware, Netgear Jgs524E, Netgear Jgs524Pe Firmware.