Vulnerability Details : CVE-2020-14428
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
Products affected by CVE-2020-14428
- cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-14428
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 29 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-14428
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:P/I:N/A:N |
6.5
|
2.9
|
NIST | |
9.6
|
CRITICAL | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L |
2.8
|
6.0
|
MITRE | |
8.8
|
HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
References for CVE-2020-14428
-
https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044
Security Advisory for Admin Credential Disclosure on Some WiFi Systems, PSV-2020-0044 | Answer | NETGEAR SupportVendor Advisory
Jump to