#VU69030 Information disclosure in NETGEAR products
Published: November 7, 2022
Vulnerability identifier: #VU69030
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-200
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
RBR50
LBR20
LBR1020
RBK352
RBR350
RBS350
RBK20
RBR20
RBS20
EX6100v2
EX6150v2
EX7300v2
EX6400v2
EX6250
EX7320
EX6420
EX6410
EX7700
EX8000
RBK40
RBR40
RBS40
XR500
XR450
RAX10
R6700AX
RAX120
RAX120v2
RAX70
RAX78
R9000
R8900
EX6200v2
XR700
RBR50
LBR20
LBR1020
RBK352
RBR350
RBS350
RBK20
RBR20
RBS20
EX6100v2
EX6150v2
EX7300v2
EX6400v2
EX6250
EX7320
EX6420
EX6410
EX7700
EX8000
RBK40
RBR40
RBS40
XR500
XR450
RAX10
R6700AX
RAX120
RAX120v2
RAX70
RAX78
R9000
R8900
EX6200v2
XR700
Software vendor:
NETGEAR
NETGEAR
Description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
Remediation
Install updates from vendor's website.