Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
References
Link | Resource |
---|---|
https://kb.netgear.com/000064077/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0017 | Patch Vendor Advisory |
https://kb.netgear.com/000064077/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0017 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
21 Nov 2024, 06:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://kb.netgear.com/000064077/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0017 - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 3.2 |
Information
Published : 2021-12-26 01:15
Updated : 2024-11-21 06:32
NVD link : CVE-2021-45674
Mitre link : CVE-2021-45674
CVE.ORG link : CVE-2021-45674
JSON object : View
Products Affected
netgear
- r7000
- rax15
- r7900
- rax80
- rax200_firmware
- rax20
- r8000_firmware
- rax75
- r7900_firmware
- rax15_firmware
- rax20_firmware
- rax200
- rax80_firmware
- rax75_firmware
- r8000
- r7000_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')