Thursday, October 3, 2024
HomeCVE/vulnerabilityNetgear JGS516PE Ethernet Switch Flaws let Attackers Execute Remote Code

Netgear JGS516PE Ethernet Switch Flaws let Attackers Execute Remote Code

Published on

Recently, Netgear has published security updates to inscribe 15 severe vulnerabilities in its JGS516PE Ethernet switch. These flaws involve an unauthenticated remote code execution vulnerability which is considered as one of the critical flaws.

According to the cybersecurity analyst, this switch is unprotected to nine high-severity vulnerabilities, and among them, there are five medium-rated ones.

However, this switch flaw is affecting firmware versions that are prior to 2.6.0.43. And the researchers pronounced that the bug is associated with the internal administration of web applications. 

- Advertisement - EHA

The switch flaw is not performing accurate access controls which could enable the threat actors to circumvent authentication and run code with the rights of the controller.

Vulnerable Software

There is a total of two vulnerable software, and here we have mentioned them below:-

  • JGS516PE
  • GS116Ev2

Flaws discovered

  • Unauthenticated RCE (CVE-2020-26919): This security flaw allows the unauthenticated threat actors to circumvent authentication and execute arbitrary actions with administrator rights.
  • Risk: Critical
  • CVSS Score: 9.8
  • Mitigation: Immediately update the firmware of the device to version 2.6.0.43 or later.
  • Improper Authentication (CVE-2020-35231): This flaw generally, enables the remote threat actor to circumvent all the authentication processes.
  • Risk: High
  • CVSS Score: 8.1
  • Mitigation: Keep the remote management feature disabled and you have to stop using the “Pro Safe Plus Configuration Utility.”
  • Unauthenticated Firmware Update Mechanism (CVE-2020-35220): This vulnerability could allow an unauthenticated attacker to upload specially crafted malicious firmware files without requiring the admin credentials.
  • Risk: High
  • CVSS Score: 8.3
  • Mitigation: Update the firmware of the vulnerable device to the version 2.6.0.48 or later.
  • TFTP Ineffective Firmware Checks (CVE-2020-35232): The attackers can easily exploit this flaw to overwrite the whole memory with their custom malicious code via their custom firmware files.
  • Risk: High
  • CVSS Score: 8.1
  • Mitigation: In this case also you have to update the firmware of the vulnerable device to version 2.6.0.48 or later.
  • Cross-site request forgery (CVE-2020-35223): In this flaw, the threat actors can conduct the cross-site request forgery offenses.
  • Risk: Medium
  • CVSS Score: 6.3
  • Mitigation: Users have to follow healthy and secure deployment practices.
  • Buffer overflow (CVE-2020-35225): This vulnerability enables a remote user to administer the arbitrary code on the targeted system.
  • Risk: Medium
  • CVSS Score: 6.4
  • Mitigation: Leave the remote management feature disabled and you have to stop using the ” Pro Safe Plus Configuration Utility.”
  • Integer overflow (CVE-2020-35230): In this vulnerability, the remote users can easily execute a denial of service (DoS) attack.
  • Risk: Medium
  • CVSS Score: 6.5
  • Mitigation: You have to follow strict and secure deployment practices to place the switches behind the firewalls.
  • TFTP Unexpected Behaviours (CVE-2020-35233): This security flaw allows the threat actors to reboot the affected systems when they are being updated.
  • Risk: Medium
  • CVSS Score: 6.5
  • Mitigation: Here, the security analysts have recommended updating the affected device firmware to the secure version 2.6.0.48 or later.
  • Information disclosure (CVE-2020-35222): The vulnerability enables a remote threat actor to gain access to all possibly sensitive data.
  • Risk: Medium
  • CVSS Score: 6.5
  • Mitigation: Leave the remote management feature disabled, and stop utilizing the “Pro Safe Plus Configuration Utility.”
  • Improper access control (CVE-2020-35226): In this vulnerability, the threat actors gain access to the restricted functionality.
  • Risk: High
  • CVSS Score: 7.1
  • Mitigation: Keep the remote management feature disabled, and for now you have to stop using the “Pro Safe Plus Configuration Utility.”
  • Buffer overflow (CVE-2020-35227): This vulnerability enables users to execute arbitrary code on the target system.
  • Risk: High
  • CVSS Score: 7.2
  • Mitigations: Users have to follow secure deployment practices until the exact solution is arriving.
  • Stored cross-site scripting (CVE-2020-35228): This vulnerability enables a remote threat actor to execute cross-site scripting (XSS) attacks.
  • Risk: High
  • CVSS Score: 7.2
  • Mitigation: In this case, the researchers have recommended only to follow secure deployment practices.
  • Improper Authentication (CVE-2020-35229): In this vulnerability, the threat actors can easily bypass the authentication process.
  • Risk: High
  • CVSS Score: 7.5
  • Mitigation: leave the remote management feature disabled and stop utilizing the “Pro Safe Plus Configuration Utility.”
  • Insufficiently protected credentials (CVE-2020-35221): In this vulnerability, the threat actors could easily compromise the target system.
  • Risk: High
  • CVSS Score: 7.5
  • Mitigations: Again here you have to leave the remote management feature disabled and stop utilizing the “Pro Safe Plus Configuration Utility.”
  • Buffer overflow (CVE-2020-35224): The vulnerability enables a remote attacker to execute a denial of service (DoS) attack.
  • Risk: High
  • CVSS Score: 8.1
  • Mitigation: Since there is no exact solution is available, the experts have recommended to leave the remote management feature disabled and stop utilizing the “Pro Safe Plus Configuration Utility.”

Apart from this, any non-authenticated attacker can easily exploit these vulnerabilities remotely through the local area network (LAN). While to exploit the flaw what attackers have to do is send a specially crafted request to the affected system, that’s it.

Moreover, the cybersecurity experts affirmed that they have not yet detected any known malware exploiting this flaw. But, Netgear has acknowledged that they are trying their best to identify all the vulnerabilities and find the mitigations of these vulnerabilities.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Also Read

Google Fixed yet Another Actively Exploited zero-day Vulnerability in the Chrome Browser

New Crypto-Miner Campaign Targets QNAP NAS Devices via the Unauthorized RCE Vulnerability

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats

ANY.RUN announced an upgrade to its Threat Intelligence Portal, enhancing its capabilities to identify...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

Cisco Nexus Vulnerability Let Hackers Execute Arbitrary Commands on Vulnerable Systems

A critical vulnerability has been discovered in Cisco's Nexus Dashboard Fabric Controller (NDFC), potentially...

Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new...