Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-10864

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-08 Aug, 2019 | 12:48
Updated At-06 Aug, 2024 | 03:38
Rejected At-
Credits

NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:08 Aug, 2019 | 12:48
Updated At:06 Aug, 2024 | 03:38
Rejected At:
▼CVE Numbering Authority (CNA)

NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/
x_refsource_MISC
Hyperlink: https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/
x_refsource_MISC
x_transferred
Hyperlink: https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:08 Aug, 2019 | 13:15
Updated At:19 Aug, 2019 | 19:00

NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.2MEDIUM
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary2.02.9LOW
AV:A/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.0
Base score: 5.2
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Type: Primary
Version: 2.0
Base score: 2.9
Base severity: LOW
Vector:
AV:A/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
NETGEAR, Inc.
netgear
>>ex7000_firmware>>Versions up to 1.0.0.42_1.0.94(inclusive)
cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex7000>>-
cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
CWE ID: CWE-79
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/cve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

190Records found
CVE-2020-11774
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.43% / 61.42%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:52
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11786
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 17:01
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000r7500rbr50_firmwarer7500_firmwarerbr50r7800rax120_firmwarexr500_firmwarerbk50r7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11777
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.38% / 58.37%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:55
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11773
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.21% / 43.86%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:51
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11784
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.23% / 45.82%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:06
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000r7500rbr50_firmwarer7500_firmwarerbr50r7800rax120_firmwarexr500_firmwarerbk50r7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11776
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.43% / 61.42%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:54
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11778
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.38% / 58.37%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:56
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11785
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.34% / 56.25%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 16:07
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000r7500rbr50_firmwarer7500_firmwarerbr50r7800rax120_firmwarexr500_firmwarerbk50r7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11780
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:08
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11787
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.23% / 45.82%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 17:04
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40r7500_firmwarerbr20xr500_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000r7500rbr50_firmwarerbr50r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11771
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.43% / 61.42%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:48
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11782
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:10
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11769
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.25% / 48.44%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 13:45
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBK50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40r7500_firmwarerbr20xr500_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000r7500r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-12512
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.33% / 55.29%
||
7 Day CHG~0.00%
Published-24 Feb, 2020 | 18:16
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stored XSS via X-Forwarded-For Header During Incorrect Login

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanced settings->Administration->Logs, and may trigger when the page is viewed. Although this value is inserted into a textarea tag, the attack simply needs to supply a closing textarea tag.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-nighthawk_x10-r9000_firmwarenighthawk_x10-r9000n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-3919
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||CRITICAL
EPSS-0.33% / 54.92%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 19:00
Updated-06 Aug, 2024 | 10:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspecified page, which could let a malicious user obtain sensitive information.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-cg3100_firmwarecg3100n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2017-18815
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.2||MEDIUM
EPSS-0.17% / 38.36%
||
7 Day CHG~0.00%
Published-21 Apr, 2020 | 14:12
Updated-05 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NETGEAR ReadyNAS OS 6 devices, running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-readynas_osn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2017-18785
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.03% / 8.22%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 14:23
Updated-05 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6080 before 1.0.0.26, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, R6700v2 before 1.2.0.12, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.18, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R7900P before 1.1.5.14, R8000 before 1.0.4.4, R8000P before 1.1.5.14, R8500 before 1.0.2.110, R8300 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.8, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.42, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wn2000rpt_firmwarewnr2020_firmwarewndr3700pr2000r6080_firmwarer6400_firmwareex6200r7100lgwn3100rp_firmwarewndr4300_firmwarer6900p_firmwared6220r7500_firmwarer7100lg_firmwarer8500_firmwarer7300dst_firmwarer8300r7000_firmwarer6020wndr4500d3600r7300dstd6220_firmwarer6300_firmwared8500_firmwaredgn2200b_firmwarer7900pr6020_firmwareex7300wn3000rp_firmwared7000r9000_firmwared8500r6080dgn2200br6700wndr3700_firmwarer7000wnr2000_firmwarewnr3500l_firmwared6000ex6200_firmwareex6150d6400r7500r9000wn2000rptr6900_firmwarer7800r7900_firmwareex2700_firmwared6200r7800_firmwarer6700_firmwarer7900p_firmwarer6800_firmwarewnr2000ex6150_firmwarer8000_firmwarer6250ex6400jnr1010_firmwarewn3000rpd6000_firmwareex6400_firmwarewnr2020ex7300_firmwarer8000r6900pd7800jwnr2010r6100_firmwarer7900r8000pex8000wndr3400d3600_firmwarer6800wnr1000_firmwarewn3100rpdgn2200pr2000_firmwarer8000p_firmwared6100_firmwared6400_firmwarer6100r6250_firmwareex6100r7000p_firmwared7800_firmwarer8500ex8000_firmwarewndr3400_firmwared7000_firmwarer8300_firmwarewnr1000wndr4500_firmwareex2700r6900r7000pwnr3500ld6200_firmwaredgn2200_firmwarewnr2050ex6100_firmwared6100wnr2050_firmwarer6300jnr1010wndr4300r6400jwnr2010_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-21209
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.26% / 49.01%
||
7 Day CHG~0.00%
Published-28 Apr, 2020 | 15:32
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by reflected XSS. This affects JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.46, PR2000 before 1.0.0.20, R6050 before 1.0.1.10, R6220 before 1.1.0.60, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.46, WNR2020 before 1.1.0.46, and WNR2050 before 1.1.0.46.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-jnr1010_firmwarewnr2020_firmwarewndr3700wnr2020r6220_firmwarewndr3700_firmwarepr2000wnr1000jwnr2010wnr1000_firmwarer6050_firmwarer6050pr2000_firmwarewnr2050r6220jr6150jr6150_firmwarewnr2050_firmwarejnr1010jwnr2010_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-3517
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.28% / 51.07%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 18:03
Updated-06 Aug, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wnr3500u_firmwarewnr3500uwnr3500l_firmwarewnr3500ln/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-21167
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 6.32%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 17:28
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wn2000rpt_firmwarewn3000rpex6400_firmwarewndr3700ex7300_firmwarer8900_firmwarer6100_firmwareex6200dm200_firmwarewn3100rp_firmwareex8000wndr4300_firmwarer7500_firmwarewn3100rpd6100_firmwarewndr4500r6100ex7300ex6100wn3000rp_firmwaredm200ex8000_firmwarer8900r9000_firmwarewndr3700_firmwarewndr4500_firmwarewnr2000_firmwareex2700ex6200_firmwareex6150r7500r9000wn2000rptr7800ex2700_firmwareex6100_firmwared6100wndr4300r7800_firmwareex6400wnr2000ex6150_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-3069
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-3.5||LOW
EPSS-0.16% / 37.27%
||
7 Day CHG~0.00%
Published-25 Apr, 2014 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Password to the NAS User Setup page, (3) deviceName to USB_advanced.htm, or (4) Network Key to the Wireless Setup page.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wndr4700wndr4700_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-21095
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 15:54
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-srs60srr60srs60_firmwaresrr60_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35818
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.46% / 63.01%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:33
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35834
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:31
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500v2r7800rax120_firmwarexr500xr500_firmwarer7800_firmwarer7500v2_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35811
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:36
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35812
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:36
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35832
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:31
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35836
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:30
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, XR500 before 2.3.2.56, XR700 before 1.0.1.10, and RAX120 before 1.0.0.78.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500v2r7800rax120_firmwarexr500xr500_firmwarer7800_firmwarer7500v2_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35831
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.27% / 50.58%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:31
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarexr500_firmwarerbk50r7500v2_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35807
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.05% / 13.81%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:37
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbs40d7800_firmwarewn3000rpv2rbs40_firmwarewn3000rpv2_firmwarerbr40_firmwarerbs20_firmwared7800rbs20rbk22rbr40rbs50_firmwarerbs50rbr50_firmwarerbk40rbr20rbr50r7800rax120_firmwarerbr20_firmwarerbk50rbk40_firmwarer7800_firmwarerbk50_firmwarerax120rbk22_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35816
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:34
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35805
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.46% / 63.01%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:37
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35825
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.26% / 49.28%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:32
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarexr500_firmwarerbk50r7500v2_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35817
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.26% / 49.28%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:34
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarexr500_firmwarerbk50r7500v2_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35827
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:32
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, XR500 before 2.3.2.56, XR700 before 1.0.1.10, and RAX120 before 1.0.0.78.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000rbr50_firmwarerbr50r7800rax120_firmwarexr500_firmwarerbk50r7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35815
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.46% / 63.01%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:35
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBK40 before 2.3.5.30, RBK40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarerbk20r8900_firmwarerbs20_firmwarexr700d7800rbs20rbs50_firmwarerbs50r9000rbk20_firmwarerbr50_firmwarerbk40rbr20rbr50r7500v2r7800rax120_firmwarerbr20_firmwarexr500_firmwarerbk50r7500v2_firmwarerbk40_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35828
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:32
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, XR500 before 2.3.2.56, XR700 before 1.0.1.10, RAX120 before 1.0.0.78, and R7500v2 before 1.0.3.46.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35835
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:31
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500v2r7800rax120_firmwarexr500xr500_firmwarer7800_firmwarer7500v2_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35810
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.26% / 49.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:36
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35839
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:30
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, XR500 before 2.3.2.56, XR700 before 1.0.1.10, and RAX120 before 1.0.0.78.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500v2r7800rax120_firmwarexr500xr500_firmwarer7800_firmwarer7500v2_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35837
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.14% / 34.94%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:30
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500v2r7800rax120_firmwarexr500xr500_firmwarer7800_firmwarer7500v2_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35819
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.37% / 57.98%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:33
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarexr500_firmwarerbk50r7500v2_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35820
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:33
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwarexr700d7800rbs50_firmwarerbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarexr500_firmwarerbk50r7500v2_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35806
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.27% / 49.97%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:37
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbs40d7800_firmwarewn3000rpv2rbs40_firmwarewn3000rpv2_firmwarerbr40_firmwarerbs20_firmwared7800rbs20rbk22rbr40rbs50_firmwarerbs50rbr50_firmwarerbk40rbr20rbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7500v2_firmwarerbk40_firmwarer7800_firmwarerbk50_firmwarerax120rbk22_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35833
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.08%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:31
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarer7500v2_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7500v2r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35840
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.34% / 56.20%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:30
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.76, WNR1000v4 before 1.1.0.62, WNR2020 before 1.1.0.62, and WNR2050 before 1.1.0.62.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7000wnr2020_firmwarer6120r6080d7000_firmwarewnr2020r6220_firmwarer6080_firmwarer6120_firmwared6200_firmwarer6050_firmwarer6050r6260_firmwarer6260jwnr2010v5_firmwarer6220wnr2050r6020wnr1000v4_firmwarewnr1000v4jwnr2010v5d6200jr6150_firmwarejr6150wnr2050_firmwarejnr1010v2_firmwarejnr1010v2r6020_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35814
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.46% / 63.01%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:35
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbk20r8900_firmwarerbr40_firmwarerbs20_firmwared7800rbk40rbr20xr500_firmwarerbk40_firmwarexr700_firmwarerax120xr500rbs40d7800_firmwarer8900r9000_firmwarerbs40_firmwarerbs20rbs50_firmwarerbr40rbs50r9000rbr50_firmwarerbr50r7800rax120_firmwarerbr20_firmwarerbk50r7800_firmwarerbk50_firmwarerbk20_firmwarexr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35808
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.21% / 42.80%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:36
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7800dm200r8900r9000_firmwarewn3000rpv2wnr2000v5_firmwared6100_firmwarewn3000rpv2_firmwared6100r8900_firmwarewnr2000v5r7800_firmwaredm200_firmwarer9000n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35822
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:33
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d7800_firmwarer8900r9000_firmwarer8900_firmwared7800r9000r7500r7500_firmwarer7800rax120_firmwarexr500xr500_firmwarer7800_firmwarexr700_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-35821
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:33
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and XR700 before 1.0.1.10.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rbs40d7800_firmwarer8900r9000_firmwarerbk20rbs40_firmwarer8900_firmwarerbr40_firmwarerbs20_firmwared7800rbs20rbs50_firmwarerbr40rbs50r9000rbk20_firmwarerbr50_firmwarerbk40rbr20rbr50r7800rax120_firmwarerbr20_firmwarerbk50rbk40_firmwarer7800_firmwarexr700_firmwarerbk50_firmwarerax120xr700n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found