High severity8.1NVD Advisory· Published Dec 30, 2020· Updated Jun 17, 2026
CVE-2020-35782
CVE-2020-35782
Description
Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, JGS524PE before 2.6.0.48, and GS116Ev2 before 2.6.0.48. The TFTP firmware update mechanism does not properly implement firmware validations, allowing remote attackers to write arbitrary data to internal memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2- research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/nvdExploitThird Party Advisory
- kb.netgear.com/000062636/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Smart-Managed-Plus-Switches-PSV-2020-0378nvdVendor Advisory
News mentions
0No linked articles in our index yet.