CVE-2020-35225
Description
The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of service attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper input validation in Netgear JGS516PE/GS116Ev2 NSDP protocol causes denial of service.
Vulnerability
The NSDP protocol implementation on Netgear JGS516PE and GS116Ev2 switches, firmware version v2.6.0.43, does not properly validate the length of string parameters sent in write requests. This lack of input validation can lead to a denial of service condition [1].
Exploitation
An attacker with network access to the switch can send a crafted write request containing an invalid-length string parameter to the NSDP protocol. No authentication is required, and the attack can be launched remotely [1].
Impact
Successful exploitation could render the switch unresponsive, resulting in a denial of service (DoS). This disrupts network operations and may require a physical reboot to restore functionality [1].
Mitigation
Netgear has not released a firmware update addressing CVE-2020-35225 as of the publication date. Users are advised to restrict network access to the affected switches and monitor for vendor patches. The devices are not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- NETGEAR/JGS516PE/GS116Ev2description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.