CVE-2020-35225

MEDIUM

NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 - Denial of Service via NSDP Protocol String Parameter

Title source: llm
STIX 2.1

Description

The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of service attacks.

Scores

CVSS v3 6.8
EPSS 0.0064
EPSS Percentile 46.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (2)
netgear/gs116e_firmware 2.6.0.43
netgear/jgs516pe_firmware 2.6.0.43
Published Mar 10, 2021
Tracked Since Feb 18, 2026