CVE-2020-35224
A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot. Devamını Oku
Devamını oku
CVE-2020-35223 (gs116e_firmware, jgs516pe_firmware)
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests. Devamını Oku
CVE-2020-35223
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests. Devamını Oku
CVE-2020-35222
The NSDP protocol version implemented on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows unauthenticated remote attackers to obtain all the switch configuration parameters by sending the corresponding read requests. Devamını Oku
CVE-2020-35221
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers (with access to a network capture) to quickly generate multiple collisions to generate valid passwords, or infer some parts of the original. Devamını Oku
CVE-2020-35220
A TFTP server was found to be active by default on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. It allows remote authenticated users to update the switch firmware. Devamını Oku
CVE-2020-35216
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. Devamını Oku
CVE-2020-35215
An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states. Devamını Oku
CVE-2020-35214
An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations. Devamını Oku
CVE-2020-35213
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node. Devamını Oku
CVE-2020-35211
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext. Devamını Oku
CVE-2020-35210
A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages. Devamını Oku