Netgear has released fixes for a pre-authentication command injection security vulnerability on the following product models:
NMS300, running firmware versions prior to 220.127.116.11
Netgear strongly recommends that you download the latest firmware as soon as possible.
CVE number – CVE-2020-35797
What is Netgear NMS300 ?
The NETGEAR Management System NMS300 delivers insight into network elements, including third-party devices. An intuitive, web-based user interface makes it easier to monitor and administer an entire network. It works with any managed device that uses industry-standard Simple Network Management Protocol (SNMP), such as Layer 2 switches, Layer 3 switches from any brand, wireless access points, traditional routers, servers and printers.