CVE-2020-35781
Description
NETGEAR NMS300 before 1.6.0.27 contains a denial-of-service vulnerability exploitable by an authenticated attacker over the network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR NMS300 before 1.6.0.27 contains a denial-of-service vulnerability exploitable by an authenticated attacker over the network.
Vulnerability
NETGEAR NMS300 devices running firmware versions prior to 1.6.0.27 are affected by a denial-of-service vulnerability [1]. The vulnerability resides in the NMS300 management software and can be triggered without user interaction.
Exploitation
An attacker with low-privileged network access can exploit this vulnerability over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N) [1]. The exact attack vector is not detailed in the advisory, but the CVSS vector indicates the attacker does not need special privileges beyond a low-privileged account.
Impact
Successful exploitation results in a denial of service, affecting the availability of the NMS300 device [1]. The CVSS v3 score of 8.3 (High) also suggests potential impacts on confidentiality and integrity, though the advisory specifically highlights denial of service.
Mitigation
NETGEAR has released firmware version 1.6.0.27 to address this vulnerability [1]. Users are strongly recommended to download and install the latest firmware from NETGEAR Support. No workarounds are provided.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1News mentions
0No linked articles in our index yet.