Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Gs716Tv2 Firmware | <= 5.4.2.30 |
| Netgear | Gs716T | v2 |
| Netgear | Gs724Tv3 Firmware | <= 5.4.2.30 |
| Netgear | Gs724T | v3 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN29903998/index.htmlThird Party Advisory
- https://jvn.jp/en/jp/JVN29903998/index.htmlThird Party Advisory
- https://www.netgear.com/support/product/gs716Tv2.aspxPatchVendor Advisory
- https://www.netgear.com/support/product/gs724tv3.aspxPatchVendor Advisory
- http://jvn.jp/en/jp/JVN29903998/index.htmlThird Party Advisory
- https://jvn.jp/en/jp/JVN29903998/index.htmlThird Party Advisory
- https://www.netgear.com/support/product/gs716Tv2.aspxPatchVendor Advisory
- https://www.netgear.com/support/product/gs724tv3.aspxPatchVendor Advisory
FAQ
What is CVE-2020-5621?
CVE-2020-5621 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to...
How severe is CVE-2020-5621?
CVE-2020-5621 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5621?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Gs716Tv2 Firmware, Netgear Gs716T, Netgear Gs724Tv3 Firmware, Netgear Gs724T.