Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2.6.0.48.
Metrics
CVSS Version: 3.1 |
Base Score: 6.2 MEDIUM Vector: CVSS:3.1/AC:H/AV:N/A:L/C:H/I:H/PR:H/S:U/UI:N
l➤ Exploitability Metrics: Attack Vector (AV)* NETWORK Attack Complexity (AC)* HIGH Privileges Required (PR)* HIGH User Interaction (UI)* NONE Scope (S)* UNCHANGED
l➤ Impact Metrics: Confidentiality Impact (C)* HIGH Integrity Impact (I)* HIGH Availability Impact (A)* LOW
Weakness Enumeration (CWE)
CWE-ID: CWE Name: n/a Source: n/a
Common Attack Pattern Enumeration and Classification (CAPEC)