cpe:/o:netgear:wnr2000_firmware:1.0.0.70 CVE-2019-5054 2019-09-11T18:15:19.353-04:00 2019-09-13T10:11:09.383-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2019-09-13T08:35:33.417-04:00 MISC https://talosintelligence.com/vulnerability_reports/TALOS-2019-0831 An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability.