ID
VAR-202004-0878
CVE
CVE-2019-20638
TITLE
NETGEAR MR1100 Inadequate protection of credentials on devices
Trust: 0.8
sources:
JVNDB: JVNDB-2019-015302
DESCRIPTION
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials. NETGEAR MR1100 is a wireless router of NETGEAR. There are security vulnerabilities in NETGEAR MR1100 before version 12.06.08.00. Attackers can use this vulnerability to obtain management credentials
Trust: 2.16
sources:
NVD: CVE-2019-20638 //
JVNDB: JVNDB-2019-015302 //
CNVD: CNVD-2020-26946
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2020-26946
AFFECTED PRODUCTS
| vendor: | netgear | model: | mr1100 | scope: | lt | version: | 12.06.08.00 | Trust: 1.6 |
| vendor: | netgear | model: | mr 1100 | scope: | eq | version: | 12.06.08.00 | Trust: 0.8 |
sources:
CNVD: CNVD-2020-26946 //
JVNDB: JVNDB-2019-015302 //
NVD: CVE-2019-20638
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2020-26946 //
JVNDB: JVNDB-2019-015302 //
CNNVD: CNNVD-202004-1248 //
NVD: CVE-2019-20638 //
NVD: CVE-2019-20638
PROBLEMTYPE DATA
| problemtype: | CWE-200 | Trust: 1.0 |
| problemtype: | CWE-522 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2019-015302 //
NVD: CVE-2019-20638
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202004-1248
TYPE
information disclosure
Trust: 0.6
sources:
CNNVD: CNNVD-202004-1248
CONFIGURATIONS
sources:
JVNDB: JVNDB-2019-015302
PATCH
| title: | Security Advisory for Admin Credential Disclosure on MR1100, PSV-2019-0008 | url: | https://kb.netgear.com/000061506/Security-Advisory-for-Admin-Credential-Disclosure-on-MR1100-PSV-2019-0008 | Trust: 0.8 |
| title: | Patch for NETGEAR MR1100 has an unknown vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/216361 | Trust: 0.6 |
| title: | NETGEAR MR1100 Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116543 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-26946 //
JVNDB: JVNDB-2019-015302 //
CNNVD: CNNVD-202004-1248
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-20638 | Trust: 3.0 |
| db: | JVNDB | id: | JVNDB-2019-015302 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2020-26946 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202004-1248 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-26946 //
JVNDB: JVNDB-2019-015302 //
CNNVD: CNNVD-202004-1248 //
NVD: CVE-2019-20638
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-20638 | Trust: 2.0 |
| url: | https://kb.netgear.com/000061506/security-advisory-for-admin-credential-disclosure-on-mr1100-psv-2019-0008 | Trust: 1.6 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20638 | Trust: 0.8 |
sources:
CNVD: CNVD-2020-26946 //
JVNDB: JVNDB-2019-015302 //
CNNVD: CNNVD-202004-1248 //
NVD: CVE-2019-20638
SOURCES
| db: | CNVD | id: | CNVD-2020-26946 |
| db: | JVNDB | id: | JVNDB-2019-015302 |
| db: | CNNVD | id: | CNNVD-202004-1248 |
| db: | NVD | id: | CVE-2019-20638 |
LAST UPDATE DATE
2024-11-23T23:11:27.456000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2020-26946 | date: | 2020-05-07T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-015302 | date: | 2020-05-11T00:00:00 |
| db: | CNNVD | id: | CNNVD-202004-1248 | date: | 2021-01-05T00:00:00 |
| db: | NVD | id: | CVE-2019-20638 | date: | 2024-11-21T04:38:56.340 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2020-26946 | date: | 2020-05-07T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-015302 | date: | 2020-05-11T00:00:00 |
| db: | CNNVD | id: | CNNVD-202004-1248 | date: | 2020-04-15T00:00:00 |
| db: | NVD | id: | CVE-2019-20638 | date: | 2020-04-15T18:15:13.973 |