{"vulnerability": "CVE-2020-35227", "sightings": [{"uuid": "4783a5c3-f2c7-4ecd-8aa9-d86fc485f251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35227", "type": "seen", "source": "https://t.me/cibsecurity/24734", "content": "\u203c CVE-2020-35227 \u203c\n\nA buffer overflow vulnerability in the access control section on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices (in the administration web panel) allows an attacker to inject IP addresses into the whitelist via the checkedList parameter to the delete command.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-10T22:53:15.000000Z"}, {"uuid": "9f279137-c308-488e-9b74-77dfc2a1559c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35227", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2861", "content": "#Hardware_Security\nMultiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE/GS116Ev2 Switches (PoCs)\nhttps://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches\n// - Unauthenticated RCE (CVE-2020-26919)\n- NSDP Auth Bypass (CVE-2020-35231)\n- Unauth Firmware Upd Mechanism (CVE-2020-35220)\n- TFTP Ineffective Firmware Checks (CVE-2020-35232)\n- Unauth BoF (CVE-2020-35224)\n- Insecure Password Hashing Mechanism (CVE-2020-35221)\n- Authentication Token Reuse (CVE-2020-35229)\n- Stored XSS in Language Settings (CVE-2020-35228)\n- Buffer Overflow in IP Source Params (CVE-2020-35227)\n- Unauthenticated Write Access to DHCP Configuration (CVE-2020-35226)\n- Unauthenticated Access to Switch Configuration Parameters (CVE-2020-35222)\n- TFTP Unexpected Behaviours (CVE-2020-35233)\n- Multiple Integer Overflow Instances (CVE-2020-35230)\n- Multiple Write Commands BoF (CVE-2020-35225)\n- Ineffective CSRF Protections (CVE-2020-35223)", "creation_timestamp": "2024-10-09T19:00:25.000000Z"}]}