CVE-2020-26919
CVE-2020-26919
In short
NETGEAR JGS516PE switches before version 2.6.0.43 lack proper access controls, allowing unauthorized users to perform administrative functions they shouldn't be able to access. This means attackers could gain control over the device's critical settings without proper authentication.
Technical detail
The vulnerability stems from insufficient function-level access control in NETGEAR JGS516PE versions prior to 2.6.0.43, enabling unauthenticated or low-privileged users to invoke administrative operations. An attacker with network access can directly call protected functions without proper authorization checks, leading to complete device compromise and potential network disruption.
Summary generated and translated by AI from the official description.
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →