CVE-2020-35229

GHSA-xcp9-f3w5-gqqw

The authentication token required to execute NSDP write requests on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices is not properly invalidated and can be reused until a new token is generated, which allows attackers (with access to network traffic) to effectively gain administrative privileges.

BDU:2021-01637

Уязвимость реализации протокола NSDP микропрограммного обеспечения сетевых устройств Netgear ProSafe Plus JGS516PE и ProSAFE Plus GS116Ev2, позволяющая нарушителю повысить свои привилегии