CVE-2020-27873

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11559.

CVSS v3 6.5 MEDIUM
CVSS v2.0 3.3 LOW

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers	Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-072/	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6330:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-02-04 17:15

Updated : 2024-02-04 21:23

NVD link : CVE-2020-27873

Mitre link : CVE-2020-27873

CVE.ORG link : CVE-2020-27873

JSON object : View

Products Affected

netgear

ac2400_firmware
ac2100_firmware
ac2600_firmware
r7400_firmware
r6020_firmware
r6230
r6800
r6350_firmware
r6230_firmware
r6260_firmware
r6020
r6350
r6260
r6700
ac2600
r7200
r7450_firmware
ac2400
r7350
r6220_firmware
r6850
r6900
r6080
r6330
r6700_firmware
r6220
r6900_firmware
r6800_firmware
r6850_firmware
r7200_firmware
r7350_firmware
r6120_firmware
r6080_firmware
ac2100
r7400
r7450
r6120
r6330_firmware

CWE

CWE-863

Incorrect Authorization

CWE-284

Improper Access Control

6.5 /10

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

3.3 /10

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2020-27873

6.5^/10

3.3^/10

Attach tags to `CVE-2020-27873`