{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T20:03:31.528","vulnerabilities":[{"cve":{"id":"CVE-2020-27867","sourceIdentifier":"zdi-disclosures@trendmicro.com","published":"2021-02-12T00:15:12.970","lastModified":"2024-11-21T05:21:57.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. When parsing the funjsq_access_token parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11653."},{"lang":"es","value":"Esta vulnerabilidad permite a los atacantes adyacentes a la red ejecutar código arbitrario en las instalaciones afectadas de los routers NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100 y Nighthawk AC2400. Aunque la autenticación es necesaria para explotar esta vulnerabilidad, el mecanismo de autenticación existente puede ser evitado. El fallo específico existe en el servicio mini_httpd, que escucha en el puerto TCP 80 por defecto. Al analizar el parámetro funjsq_access_token, el proceso no valida correctamente una cadena suministrada por el usuario antes de utilizarla para ejecutar una llamada al sistema. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root. Era ZDI-CAN-11653"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"zdi-disclosures@trendmicro.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:S/C:C/I:C/A:C","baseScore":7.7,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":5.1,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"zdi-disclosures@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"8AB0B236-6BC6-4E99-8792-6B01BD591D3A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*","matchCriteriaId":"A80B06A1-81B5-4C33-89F6-EC3F6E3068B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"2B01C772-D1D4-41F1-A33D-72A6A672502A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*","matchCriteriaId":"6B25A18F-DD96-45FE-B098-71E60CB0FFFE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"BA359610-21DC-41C4-9430-8406B34490EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*","matchCriteriaId":"2BFCD9A8-1846-48C4-9F14-3866E983FB74"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"E0FCF958-2F6A-4B79-B307-2FE23B7CE8FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*","matchCriteriaId":"9F9706E6-CA53-43E4-91B0-D52655C86860"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"EA434604-4916-4830-A96B-CEC0C8E5A1A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*","matchCriteriaId":"09404083-B00B-4C1F-8085-BC242E625CA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"9E9457F1-F5E8-43CA-8697-3849E140B0CC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*","matchCriteriaId":"2E8EB69B-6619-47B6-A073-D0B840D4EB0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"4D95583A-EC79-41FF-9496-DAB19A1A34DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*","matchCriteriaId":"FECB83F9-D417-4FD3-B293-87BC177E3AEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"53B1B947-2E36-463C-848F-C5F5C0A5ECAF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*","matchCriteriaId":"AFD1A65C-F10F-4C52-8B6D-69992E512EB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"2A188F6E-5296-4511-97F2-9328B1E1F6CF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*","matchCriteriaId":"1F68AC3B-A31F-4AB0-89E9-BFFDE427AD3B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0.76","matchCriteriaId":"33043216-4563-4195-88D7-93446302ECD1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*","matchCriteriaId":"6DA5420D-DD64-4A9C-9B5F-784F0ED2B464"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.104","matchCriteriaId":"E662BF37-5D81-4B9F-898E-F91B09821555"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*","matchCriteriaId":"B131B5C8-CB7F-433B-BA32-F05CE0E92A66"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.104","matchCriteriaId":"7CD4B6F1-E58F-4B96-BF51-729F59FA1C8B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*","matchCriteriaId":"C91CADFA-59DB-4B6C-A914-848884F4A4BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.78","matchCriteriaId":"33824B9B-1224-484A-AFF4-953573F299C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*","matchCriteriaId":"3C395D49-57F9-4BC1-8619-57127355B86B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.78","matchCriteriaId":"DBA2E978-FFF7-470D-90BA-4DBDC009B076"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6330:-:*:*:*:*:*:*:*","matchCriteriaId":"D621D26D-B144-424A-A9CB-19488399ACC1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.78","matchCriteriaId":"B2AE3CE4-23B0-467E-B522-A211048D6AF3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*","matchCriteriaId":"4B302909-29CF-4E53-9CCB-8664D3FCB03A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0.78","matchCriteriaId":"612DAD20-761D-41D5-A6AB-AA9975847D34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*","matchCriteriaId":"598B48C5-4706-4431-8C5A-DA496DD1052F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.76","matchCriteriaId":"B373C515-681A-4D80-9BFD-5E2DFD6F2DF0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*","matchCriteriaId":"D18D2CCD-424F-41D5-919B-E22B9FA68D36"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.48","matchCriteriaId":"6EC58A4B-E061-49ED-BB2D-E0497846DBEE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*","matchCriteriaId":"5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.48","matchCriteriaId":"AF9D1B97-7FF8-45D9-BFD6-72554BBB6008"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*","matchCriteriaId":"1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62"}]}]}],"references":[{"url":"https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers","source":"zdi-disclosures@trendmicro.com","tags":["Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-1423/","source":"zdi-disclosures@trendmicro.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-1423/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}