{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.40, R6080 before 1.0.0.40, R6050 before 1.0.1.18, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, and WNR2020 before 1.1.0.62."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-16T14:21:22", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.netgear.com/000061453/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0239"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-20686", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.40, R6080 before 1.0.0.40, R6050 before 1.0.1.18, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, and WNR2020 before 1.1.0.62."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://kb.netgear.com/000061453/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0239", "refsource": "CONFIRM", "url": "https://kb.netgear.com/000061453/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0239"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-20686", "datePublished": "2020-04-16T14:21:22", "dateReserved": "2020-04-15T00:00:00", "dateUpdated": "2020-04-16T14:21:22", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C487C01-3E4A-4DBB-9BFB-A143E6B90580", "versionEndExcluding": "1.1.00.36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", "matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53F5A909-D848-494E-9EB9-B794515372E2", "versionEndExcluding": "1.0.1.74", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F", "versionEndExcluding": "1.0.1.18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*", "matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "50E2E26A-200E-4D00-9657-034EACE3944F", "versionEndExcluding": "1.0.0.28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A16C1EC4-9A32-402D-9533-1B3CB92FF543", "versionEndExcluding": "1.0.0.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3355438-3A37-4436-8950-9B9A00296CDD", "versionEndExcluding": "1.0.0.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107", "versionEndExcluding": "1.0.1.18", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*", "matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "57078954-E876-4C0F-A519-02D1C955D808", "versionEndExcluding": "1.0.0.48", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", "matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "51FC4898-BF35-443A-A003-40351B20ADEC", "versionEndExcluding": "1.1.0.86", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", "matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "16D72B7A-0707-428F-A9AE-5899EBF4BBA0", "versionEndExcluding": "1.1.0.64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C395D49-57F9-4BC1-8619-57127355B86B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A4FB8A1-D380-4234-88EB-91BFF6D215C7", "versionEndExcluding": "1.2.0.36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*", "matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C39CE79-6433-47E2-A439-9AB1DFBD843C", "versionEndExcluding": "1.2.0.36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", "matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB6992BA-B0F5-4E00-84F4-0B0336910AFA", "versionEndExcluding": "1.2.0.36", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*", "matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0141851-BE96-4F6A-883F-3B20AE6945C1", "versionEndExcluding": "1.1.0.62", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.40, R6080 before 1.0.0.40, R6050 before 1.0.1.18, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, and WNR2020 before 1.1.0.62."}, {"lang": "es", "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un atacante no autenticado. Esto afecta a D6200 versiones anteriores a 1.1.00.36, D7000 versiones anteriores a 1.0.1.74, JR6150 versiones anteriores a 1.0.1.18, PR2000 versiones anteriores a 1.0.0.28, R6020 versiones anteriores a 1.0.0.40, R6080 versiones anteriores a 1.0.0.40, R6050 versiones anteriores a 1.0.1. 18, R6120 versiones anteriores a 1.0.0.48, R6220 versiones anteriores a 1.1.0.86, R6260 versiones anteriores a 1.1.0.64, R6700v2 versiones anteriores a 1.2.0.36, R6800 versiones anteriores a 1.2.0.36, R6900v2 versiones anteriores a 1.2.0.36, y WNR2020 versiones anteriores a 1.1.0.62."}], "id": "CVE-2019-20686", "lastModified": "2020-04-22T13:31:29.927", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cve@mitre.org", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-16T19:15:23.120", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://kb.netgear.com/000061453/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0239"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}