Published:2020/08/28 Last Updated:2020/08/28
JVN#29903998
Multiple NETGEAR switching hubs vulnerable to cross-site request forgery
Overview
GS716Tv2 and GS724Tv3 provided by NETGEAR contain a cross-site request forgery vulnerability.
Products Affected
- GS716Tv2 Firmware version 5.4.2.30 and earlier
- GS724Tv3 Firmware version 5.4.2.30 and earlier
Description
GS716Tv2 and GS724Tv3 switching hubs provided by NETGEAR contain a cross-site request forgery vulnerability.
Impact
If a user views a malicious page while logged in to the management screen, the product's settings may be changed unintentionally.
Solution
Apply a workaround
Applying the following workaround may mitigate the impacts of this vulnerability.
- Set the IP address of the product in a different network from the one used for the user port
GS716Tv2 and GS724Tv3 are no longer supported. Stop using the products and consider switching to an alternative products.
NETGEAR offers GS716Tv3 (GS716T-300AJS) and GS724Tv4 (GS724T-400AJS) as successors to GS716Tv2 and GS724Tv3.
Vendor Status
| Vendor | Link |
| NETGEAR | GS716Tv2 | Product | Support | NETGEAR |
| GS724Tv3 | Product | Support | NETGEAR |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Base Score:
4.3
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
CVSS v2
AV:N/AC:H/Au:N/C:N/I:P/A:N
Base Score:
2.6
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Rei Yano reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2020-5621 |
| JVN iPedia |
JVNDB-2020-000056 |