CVE-2020-35223

CVE-2020-35223

EPSS 0.6%

The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/