VYPR
Unrated severityNVD Advisory· Published Sep 11, 2019· Updated Aug 4, 2024

CVE-2019-5054

CVE-2019-5054

Description

An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Netgear/WNR2000v5llm-create2 versions
    = V1.0.0.70+ 1 more
    • (no CPE)range: = V1.0.0.70
    • (no CPE)range: Firmware Version V1.0.0.70

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.