CVE-2019-19964

low

Description

On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having network connectivity to the web-administration panel can access part of the web panel, bypassing authentication.

References

https://kb.netgear.com/000061738/Security-Advisory-for-Missing-Function-Level-Access-Control-on-GS728TPS-PSV-2020-0012

Details

Source: Mitre, NVD

Published: 2020-03-23

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 2.7

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.00158