CVE-2019-20699

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, and GSS108EPP before 1.0.0.15.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:gs105e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs105e:v2:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:gs105pe_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs105pe:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:gs408epp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs408epp:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:gs808e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs808e:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:gs908e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gs908e:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:gss108e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gss108e:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:gss108epp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:gss108epp:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:39

Type Values Removed Values Added
References () https://kb.netgear.com/000061230/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Switches-PSV-2018-0538 - Vendor Advisory () https://kb.netgear.com/000061230/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Switches-PSV-2018-0538 - Vendor Advisory

Information

Published : 2020-04-16 19:15

Updated : 2024-11-21 04:39


NVD link : CVE-2019-20699

Mitre link : CVE-2019-20699

CVE.ORG link : CVE-2019-20699


JSON object : View

Products Affected

netgear

  • gss108e_firmware
  • gs808e_firmware
  • gs808e
  • gs105e
  • gs408epp
  • gs105pe
  • gs908e_firmware
  • gs908e
  • gs105pe_firmware
  • gss108epp
  • gss108e
  • gs105e_firmware
  • gss108epp_firmware
  • gs408epp_firmware
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')