CVE-2020-26921

HIGH

NETGEAR GS110EMX/GS810EMX/XS512EM/XS724EM Firmware - Unauthenticated Authentication Bypass

Title source: llm

Description

Certain NETGEAR devices are affected by authentication bypass. This affects GS110EMX before 1.0.1.7, GS810EMX before 1.7.1.3, XS512EM before 1.0.1.3, and XS724EM before 1.0.1.3.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://kb.netgear.com/000062332/Security-Advisory-for-Authentication-Bypass-on-Some-Smart-Managed-Plus-Switches-PSV-2020-0305

Scores

CVSS v3 8.3

EPSS 0.0013

EPSS Percentile 32.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

Details

CWE

CWE-287

Status published

Products (4)

netgear/gs110emx_firmware < 1.0.1.7

netgear/gs810emx_firmware < 1.7.1.3

netgear/xs512em_firmware < 1.0.1.3

netgear/xs724em_firmware < 1.0.1.3

Published Oct 09, 2020

Tracked Since Feb 18, 2026