Sign-up

ID

VAR-201611-0422


TITLE

NETGEAR ADSL Router JNR2010 Module Remote File Disclosure Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-11249

DESCRIPTION

NETGEARADSLRouter is a router product of NetGear. A remote file disclosure vulnerability exists in the NETGEARADSLRouterJNR20101.0.0.20 version. The program did not fully validate the input provided by the user. An attacker could exploit this vulnerability to view sensitive local files in the context of a web service process, which may be helpful in further attacks.

Trust: 0.6

sources: CNVD: CNVD-2016-11249

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-11249

AFFECTED PRODUCTS

vendor:netgearmodel:adsl router jnr2010scope:eqversion:1.0.0.20

Trust: 0.6

sources: CNVD: CNVD-2016-11249

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2016-11249
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2016-11249
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2016-11249

EXTERNAL IDS

db:CXSECURITYid:WLB-2016110090

Trust: 0.6

db:CNVDid:CNVD-2016-11249

Trust: 0.6

sources: CNVD: CNVD-2016-11249

REFERENCES

url:https://cxsecurity.com/issue/wlb-2016110090

Trust: 0.6

sources: CNVD: CNVD-2016-11249

SOURCES

db:CNVDid:CNVD-2016-11249

LAST UPDATE DATE

2022-05-17T01:46:26.622000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-11249date:2016-11-18T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2016-11249date:2016-11-18T00:00:00