Unrated severity · NVD Advisory · Published Apr 15, 2020 · Updated Aug 5, 2024

CVE-2019-20650

Description

Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A denial-of-service vulnerability in several NETGEAR routers allows an unauthenticated attacker on the local network to crash the device.

Vulnerability

This denial-of-service vulnerability affects the NETGEAR R8900, R9000, XR500, and XR700 routers when running firmware versions prior to 1.0.5.2 (R8900 and R9000), prior to 2.3.2.56 (XR500), or prior to 1.0.1.20 (XR700) [1]. The official advisory does not detail the root cause, but states that an attacker can exploit the flaw from the local network to cause a denial of service condition [1].

Exploitation

Exploitation requires the attacker to have network access to the affected device (adjacent network) [1]. According to the CVSS vector (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H), the attack complexity is high, meaning that the attacker must identify and trigger a specific vulnerable code path [1]. No authentication or user interaction is needed [1]. The exact sequence of steps is not disclosed in the available references.

Impact

Successful exploitation results in a complete denial of service (availability impact is high) [1]. The attacker does not gain any access to data or control over the device (no confidentiality or integrity impact) [1]. The result is a router that crashes or becomes unresponsive until it is rebooted or power-cycled.

Mitigation

NETGEAR has released fixed firmware versions for all affected models: 1.0.5.2 for the R8900 and R9000, 2.3.2.56 for the XR500, and 1.0.1.20 for the XR700 [1]. Users are strongly advised to update to the latest firmware as soon as possible via the NETGEAR Support page [1]. No workarounds have been published. This CVE is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

5

References

1
