CVE-2020-13245 - Netgear R9000 Firmware, Netgear Rax120 Firmware and Netgear R6220 Firmware

May 28, 2020

Moderate 5.9

Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.

Affected software

Netgear R9000 Firmware

Netgear Rax120 Firmware

Netgear R6220 Firmware

Netgear R7800 Firmware

Netgear Rbr20 Firmware

Netgear Xr500 Firmware

Netgear R6800 Firmware

Netgear Xr300 Firmware

Netgear R6120 Firmware

Netgear R7000p Firmware

Netgear R8000 Firmware

Netgear R6850 Firmware

Netgear R6400 Firmware

Netgear R6350 Firmware

Reference links

https://iot-lab-fh-ooe.github.io/netgear_update_vulnerability/
https://www.netgear.com/about/security/

CVE-2020-13245 - Netgear R9000 Firmware, Netgear Rax120 Firmware and Netgear R6220 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software