Description
Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2.
Published: 2019-10-09
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2019-7780 Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2.
History

No history.

Subscriptions

Netgear Dgn2200 Dgn2200 Firmware Dgn2200m Dgn2200m Firmware Dgnd3700 Dgnd3700 Firmware Mbr1515 Mbr1515 Firmware Mbr1516 Mbr1516 Firmware Wndr3300 Wndr3300 Firmware Wndr3400 Wndr3400 Firmware Wnr2000v2 Wnr2000v2 Firmware Wnr3500 Wnr3500 Firmware Wnr834bv2 Wnr834bv2 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T01:40:15.309Z

Reserved: 2019-10-09T00:00:00.000Z

Link: CVE-2019-17373

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-10-09T13:15:20.193

Modified: 2024-11-21T04:32:12.537

Link: CVE-2019-17373

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses