How severe is CVE-2020-35223?

CVE-2020-35223 has a CVSS v3 score of 8.8 (HIGH).

CVE-2020-35223

Name: jgs516pe
Author: netgear

8.8HIGH

The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.

게시됨: 3/10/2021업데이트됨: 11/21/2024

설명

The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.

AI 분석AI 기반

영향받는 제품

netgeargs116e_firmware

2.6.0.43

netgeargs116e

netgearjgs516pe_firmware

2.6.0.43

netgearjgs516pe

참조

https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/
Vendor Advisory
https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/
Vendor Advisory