CVE-2021-45668
4.8
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Exploitability: 1.7 / Impact: 2.7
Source: NVD
Description
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
Affected (17)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.48 |
| Running on/with | Platform Versions |
|---|---|
Netgear Eax20 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.64 |
| Running on/with | Platform Versions |
|---|---|
Netgear Eax80 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.64 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6120 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.44 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6130 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex7500 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.4.1.66 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7960p | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.106 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax200 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.90 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex3700 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.4.1.66 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8000p | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.82 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax20 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax45 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.106 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax80 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.90 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex3800 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.4.1.66 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7900p | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.82 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax15 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.2.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax50 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.106 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax75 | All versions |
References (2)
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.