CVE-2020-35802 Vulnerability Analysis & Exploit Details

CVE-2020-35802 Vulnerability Summary

CVE-2020-35802: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 0.168% (probability of exploit)

EPSS Percentile: 55.05% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 44.95% of others.

CVE-2020-35802 References

External References

• https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331
• https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331

CWE Common Weakness Enumeration

NVD-CWE-noinfo

Vulnerable Configurations

• cpe:2.3:o:netgear:cbr40_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:cbr40_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:cbr40_firmware:2.3.5.12:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:cbr40_firmware:2.3.5.12:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:cbr40_firmware:2.5.0.10:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:cbr40_firmware:2.5.0.10:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbw30_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbw30_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbw30_firmware:2.1.2.6:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbw30_firmware:2.1.2.6:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbw30_firmware:2.1.4.16:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbw30_firmware:2.1.4.16:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbw30_firmware:2.2.1.204:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbw30_firmware:2.2.1.204:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbw30_firmware:2.5.0.4:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbw30_firmware:2.5.0.4:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rax75_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rax75_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rax75_firmware:1.0.1.62:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rax75_firmware:1.0.1.62:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rax80_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rax80_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rax80_firmware:1.0.1.40:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rax80_firmware:1.0.1.40:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rax80_firmware:1.0.1.62:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rax80_firmware:1.0.1.62:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rax80_firmware:1.0.3.88:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rax80_firmware:1.0.3.88:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk752_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk752_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk752_firmware:3.2.10.10:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk752_firmware:3.2.10.10:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk752_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk752_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr750_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr750_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr750_firmware:3.2.10.10:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr750_firmware:3.2.10.10:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr750_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr750_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs750_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs750_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs750_firmware:3.2.10.10:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs750_firmware:3.2.10.10:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs750_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs750_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk852_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk852_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk852_firmware:3.2.10.11:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk852_firmware:3.2.10.11:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk852_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk852_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.1.5.23:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.1.5.23:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.2.7.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.2.7.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.2.8.5:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.2.8.5:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.2.9.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.2.9.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.2.10.11:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.2.10.11:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.2.11.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.2.11.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr850_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr850_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.1.5.23:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.1.5.23:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.2.7.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.2.7.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.2.8.5:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.2.8.5:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.2.9.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.2.9.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.2.10.11:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.2.10.11:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.2.11.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.2.11.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs850_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs850_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk842_firmware:3.2.10.11:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk842_firmware:3.2.10.11:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbk842_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbk842_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr840_firmware:3.2.7.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr840_firmware:3.2.7.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr840_firmware:3.2.8.5:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr840_firmware:3.2.8.5:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr840_firmware:3.2.9.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr840_firmware:3.2.9.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr840_firmware:3.2.10.11:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr840_firmware:3.2.10.11:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr840_firmware:3.2.11.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr840_firmware:3.2.11.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbr840_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbr840_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs840_firmware:3.2.7.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs840_firmware:3.2.7.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs840_firmware:3.2.8.5:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs840_firmware:3.2.8.5:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs840_firmware:3.2.9.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs840_firmware:3.2.9.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs840_firmware:3.2.10.11:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs840_firmware:3.2.10.11:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs840_firmware:3.2.11.2:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs840_firmware:3.2.11.2:*:*:*:*:*:*:*
• cpe:2.3:o:netgear:rbs840_firmware:3.2.15.25:*:*:*:*:*:*:*
  cpe:2.3:o:netgear:rbs840_firmware:3.2.15.25:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*
• cpe:2.3:h:netgear:rbs840v:-:*:*:*:*:*:*:*
  cpe:2.3:h:netgear:rbs840v:-:*:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2026-57997 – Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not explicitly configured, allowin...
• CVE-2026-51221 – A buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoS) via ...
• CVE-2026-34592 – Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and pro...
• CVE-2026-10647 – The USB CDC-NCM device class (subsys/usb/device_next/class/usbd_cdc_ncm.c) ignores the return value of usbd_ep_enqueue() in its ethernet transmit c...
• CVE-2026-55957 – Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed...