#VU62047 Information disclosure in NETGEAR products
Published: April 11, 2022
Vulnerability identifier: #VU62047
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-200
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
RAX80
RAX75
DC112A
DGN2200Bv4
EX3700
EX6120
EX6130
EX7500
R7960P
R8000P
RAX200
RBS40V
RBW30
D6220
D6400
D8500
DGN2200v4
R6400
R6400v2
R7000
R7000P
R7900
R8000
R8500
RS400
WNDR3400v3
XR300
RAX80
RAX75
DC112A
DGN2200Bv4
EX3700
EX6120
EX6130
EX7500
R7960P
R8000P
RAX200
RBS40V
RBW30
D6220
D6400
D8500
DGN2200v4
R6400
R6400v2
R7000
R7000P
R7900
R8000
R8500
RS400
WNDR3400v3
XR300
Software vendor:
NETGEAR
NETGEAR
Description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
Remediation
Install updates from vendor's website.