Description
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.
CVSS breakdown
CVSS 4.0
Attack Vector
Adjacent
Attack Complexity
High
Attack Requirements
Present
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
E
Unchanged
AU
None
R
Unchanged
V
D
RE
Low
U
Amber
Affected products
- NETGEAR / R62600 – 1.1.0.86
- NETGEAR / R68500 – 1.1.0.86