CVE-2020-26910
Last modified
CVE-2020-26910 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.. EPSS estimates a 1.03% chance of exploitation in the next 30 days.
Description
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
Metrics
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Cbr40 Firmware | < 2.5.0.10 |
| Netgear | Rbk752 Firmware | < 3.2.15.25 |
| Netgear | Rbr750 Firmware | < 3.2.15.25 |
| Netgear | Rbs750 Firmware | < 3.2.15.25 |
| Netgear | Rbk852 Firmware | < 3.2.15.25 |
| Netgear | Rbr850 Firmware | < 3.2.15.25 |
| Netgear | Rbs850 Firmware | < 3.2.15.25 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-26910?
How severe is CVE-2020-26910?
How do I fix CVE-2020-26910?
Are you affected by CVE-2020-26910?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST