CVE-2021-45670
4.8
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Exploitability: 1.7 / Impact: 2.7
Source: NVD
Description
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
Affected (30)
Products: Netgear: Rax200 Firmware, Mr60 Firmware, Rax20 Firmware, Rax45 Firmware, Rax80 Firmware, Ms60 Firmware, Rax15 Firmware, Rax50 Firmware, Rax75 Firmware, Rbr750 Firmware, Rbr850 Firmware, Rbs750 Firmware, Rbs850 Firmware, Rbk752 Firmware, Rbk852 Firmware, Cbr40 Firmware, Eax20 Firmware, Eax80 Firmware, Ex6120 Firmware, Ex6130 Firmware, Ex7500 Firmware, Ex3700 Firmware, Ex3800 Firmware, R7000 Firmware, R7000p Firmware, R7900 Firmware, R8000 Firmware, R6900p Firmware, Rbs40v Firmware, Rbw30 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.106 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax200 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.6.110 |
| Running on/with | Platform Versions |
|---|---|
Netgear Mr60 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.82 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax20 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax45 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.106 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax80 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.6.110 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ms60 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.82 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax15 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax50 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.106 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax75 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr750 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr850 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs750 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs850 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk752 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.16.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk852 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.5.0.10 |
| Running on/with | Platform Versions |
|---|---|
Netgear Cbr40 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.48 |
| Running on/with | Platform Versions |
|---|---|
Netgear Eax20 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.64 |
| Running on/with | Platform Versions |
|---|---|
Netgear Eax80 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.64 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6120 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.44 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex6130 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex7500 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.90 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex3700 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.90 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex3800 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.116 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.3.2.126 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000p | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.38 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7900 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8000 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.3.2.126 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6900p | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.1.4 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs40v | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.1.4 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbw30 | All versions |
References (2)
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.