CVE-2018-21226
HIGHNETGEAR JNR1010v2 JWNR2010v5 WNR1000v4 WNR2020 WNR2050 < 1.1.0.48 - Unauthenticated Authentication Bypass
Title source: llmDescription
Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.48, JWNR2010v5 before 1.1.0.48, WNR1000v4 before 1.1.0.48, WNR2020 before 1.1.0.48, and WNR2050 before 1.1.0.48.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kb.netgear.com/000055110/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0748
Scores
CVSS v3
8.8
EPSS
0.0012
EPSS Percentile
30.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (5)
netgear/jnr1010_firmware
< 1.1.0.48
netgear/jwnr2010_firmware
< 1.1.0.48
netgear/wnr1000_firmware
< 1.1.0.48
netgear/wnr2020_firmware
< 1.1.0.48
netgear/wnr2050_firmware
< 1.1.0.48
Published
Apr 28, 2020
Tracked Since
Feb 18, 2026