Friday, December 6, 2024

Netgear JGS516PE Ethernet Switch Flaws let Attackers Execute Remote Code


Netgear has recently published security updates to address 15 severe vulnerabilities in its JGS516PE Ethernet switch. Among them is an unauthenticated remote code execution vulnerability, which is rated critical.

According to the cybersecurity analyst, the switch is also exposed to nine high-severity vulnerabilities and five medium-rated ones.

The flaw affects firmware versions prior to 2.6.0.43, and the researchers stated that the bug is associated with the switch's internal administration web application.

The switch does not enforce proper access controls, which could allow threat actors to bypass authentication and run code with administrator rights.

Vulnerable Software

Two products are affected:

  • JGS516PE
  • GS116Ev2

Flaws discovered

  • Unauthenticated RCE (CVE-2020-26919): This flaw allows unauthenticated threat actors to bypass authentication and execute arbitrary actions with administrator rights.
      • Risk: Critical
      • CVSS Score: 9.8
      • Mitigation: Immediately update the firmware of the device to version 2.6.0.43 or later.
  • Improper Authentication (CVE-2020-35231): This flaw enables a remote threat actor to bypass all authentication processes.
      • Risk: High
      • CVSS Score: 8.1
      • Mitigation: Keep the remote management feature disabled and stop using the “Pro Safe Plus Configuration Utility.”
  • Unauthenticated Firmware Update Mechanism (CVE-2020-35220): This vulnerability could allow an unauthenticated attacker to upload specially crafted malicious firmware files without admin credentials.
      • Risk: High
      • CVSS Score: 8.3
      • Mitigation: Update the firmware of the vulnerable device to version 2.6.0.48 or later.
  • TFTP Ineffective Firmware Checks (CVE-2020-35232): Attackers can exploit this flaw to overwrite the whole memory with custom malicious code via custom firmware files.
      • Risk: High
      • CVSS Score: 8.1
      • Mitigation: Update the firmware of the vulnerable device to version 2.6.0.48 or later.
  • Cross-site request forgery (CVE-2020-35223): This flaw allows threat actors to conduct cross-site request forgery attacks.
      • Risk: Medium
      • CVSS Score: 6.3
      • Mitigation: Follow secure deployment practices.
  • Buffer overflow (CVE-2020-35225): This vulnerability enables a remote user to execute arbitrary code on the targeted system.
      • Risk: Medium
      • CVSS Score: 6.4
      • Mitigation: Keep the remote management feature disabled and stop using the “Pro Safe Plus Configuration Utility.”
  • Integer overflow (CVE-2020-35230): This vulnerability allows remote users to carry out a denial of service (DoS) attack.
      • Risk: Medium
      • CVSS Score: 6.5
      • Mitigation: Follow strict and secure deployment practices and place the switches behind firewalls.
  • TFTP Unexpected Behaviours (CVE-2020-35233): This flaw allows threat actors to reboot affected systems while they are being updated.
      • Risk: Medium
      • CVSS Score: 6.5
      • Mitigation: The security analysts recommend updating the affected device firmware to version 2.6.0.48 or later.
  • Information disclosure (CVE-2020-35222): This vulnerability enables a remote threat actor to gain access to potentially sensitive data.
      • Risk: Medium
      • CVSS Score: 6.5
      • Mitigation: Keep the remote management feature disabled and stop using the “Pro Safe Plus Configuration Utility.”
  • Improper access control (CVE-2020-35226): This vulnerability lets threat actors gain access to restricted functionality.
      • Risk: High
      • CVSS Score: 7.1
      • Mitigation: Keep the remote management feature disabled and, for now, stop using the “Pro Safe Plus Configuration Utility.”
  • Buffer overflow (CVE-2020-35227): This vulnerability enables users to execute arbitrary code on the target system.
      • Risk: High
      • CVSS Score: 7.2
      • Mitigation: Follow secure deployment practices until a fix is available.
  • Stored cross-site scripting (CVE-2020-35228): This vulnerability enables a remote threat actor to carry out cross-site scripting (XSS) attacks.
      • Risk: High
      • CVSS Score: 7.2
      • Mitigation: The researchers recommend only following secure deployment practices.
  • Improper Authentication (CVE-2020-35229): This vulnerability allows threat actors to bypass the authentication process.
      • Risk: High
      • CVSS Score: 7.5
      • Mitigation: Keep the remote management feature disabled and stop using the “Pro Safe Plus Configuration Utility.”
  • Insufficiently protected credentials (CVE-2020-35221): This vulnerability could allow threat actors to compromise the target system.
      • Risk: High
      • CVSS Score: 7.5
      • Mitigation: Keep the remote management feature disabled and stop using the “Pro Safe Plus Configuration Utility.”
  • Buffer overflow (CVE-2020-35224): This vulnerability enables a remote attacker to carry out a denial of service (DoS) attack.
      • Risk: High
      • CVSS Score: 8.1
      • Mitigation: Since no fix is available, the experts recommend keeping the remote management feature disabled and not using the “Pro Safe Plus Configuration Utility.”
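The mitigations listed above fall into three groups (a firmware fix in 2.6.0.43 or 2.6.0.48, a configuration change, or deployment practices only), so a firmware update alone does not close every item. The following triage script is an added example, not Netgear's or the article's own code; the inventory, hostnames, the optional `V` version prefix and the function names are assumptions made for illustration.

```python
import re

# CVE -> first fixed firmware, transcribed from the list above.
FIXED_IN = {
    "CVE-2020-26919": "2.6.0.43",
    "CVE-2020-35220": "2.6.0.48",
    "CVE-2020-35232": "2.6.0.48",
    "CVE-2020-35233": "2.6.0.48",
}
# No fixed firmware listed: mitigated by disabling remote management
# and not using the configuration utility.
CONFIG_ONLY = ["CVE-2020-35231", "CVE-2020-35225", "CVE-2020-35222",
               "CVE-2020-35226", "CVE-2020-35229", "CVE-2020-35221",
               "CVE-2020-35224"]
# No fixed firmware listed: secure deployment practices only.
DEPLOYMENT_ONLY = ["CVE-2020-35223", "CVE-2020-35230",
                   "CVE-2020-35227", "CVE-2020-35228"]

def parse_version(text):
    """Parse '2.6.0.43' (optional 'V' prefix is an assumption) into an int tuple."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+){3})", text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def outstanding_actions(firmware, remote_mgmt_enabled):
    """Return {CVE: action} for everything the listed mitigations leave open."""
    current = parse_version(firmware)
    actions = {}
    for cve, fixed in FIXED_IN.items():
        # Tuple comparison: 2.6.0.9 sorts below 2.6.0.43, unlike string comparison.
        if current < parse_version(fixed):
            actions[cve] = f"update firmware to {fixed} or later"
    if remote_mgmt_enabled:
        for cve in CONFIG_ONLY:
            actions[cve] = "disable remote management and stop using the utility"
    for cve in DEPLOYMENT_ONLY:
        actions[cve] = "no fix listed; follow secure deployment practices"
    return actions

# Constructed inventory (hostnames, versions and flags are made up).
INVENTORY = [("sw-lab-01", "2.6.0.9", True), ("sw-office-02", "2.6.0.43", False),
             ("sw-core-03", "V2.6.0.48", False)]

if __name__ == "__main__":
    for host, fw, remote in INVENTORY:
        todo = outstanding_actions(fw, remote)
        print(f"{host} fw={fw} remote_mgmt={remote}: {len(todo)} open")
        for cve, action in sorted(todo.items()):
            print(f"  {cve}: {action}")
```

Even a switch on 2.6.0.48 with remote management disabled still reports the four items for which the article lists only deployment practices.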

In addition, any unauthenticated attacker can exploit these vulnerabilities remotely through the local area network (LAN). To exploit the flaw, an attacker only has to send a specially crafted request to the affected system.

The cybersecurity experts also affirmed that they have not yet detected any known malware exploiting this flaw. Netgear has acknowledged that it is working to identify all the vulnerabilities and find mitigations for them.


Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
