CVE-2020-35223
8.8HIGHThe CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
Publicado: 3/10/2021Actualizado: 11/21/2024
Descripción
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
Análisis IAImpulsado por IA
Productos Afectados
netgeargs116e_firmware
2.6.0.43
netgeargs116e
v2
netgearjgs516pe_firmware
2.6.0.43
netgearjgs516pe
-
Referencias
- https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/Vendor Advisory
- https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/Vendor Advisory