Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
History
21 Nov 2024, 06:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247 - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 6.5 |
05 Jan 2022, 21:11
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
References | (MISC) https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247 - Patch, Vendor Advisory | |
CPE | cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 4.8 |
26 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-26 01:15
Updated : 2024-11-21 06:32
NVD link : CVE-2021-45665
Mitre link : CVE-2021-45665
CVE.ORG link : CVE-2021-45665
JSON object : View
Products Affected
netgear
- rbr850
- eax20_firmware
- eax20
- rbs40v_firmware
- ex3700_firmware
- ex6130_firmware
- ex6120_firmware
- rbk752_firmware
- rbw30
- rbk752
- rbr850_firmware
- rbk852
- ex6120
- eax80
- rbs750
- ex7500_firmware
- eax80_firmware
- rbw30_firmware
- ex7500
- ex3800
- rbs750_firmware
- ex6130
- rbr750
- ex3700
- rbr750_firmware
- rbs850
- rbs40v
- ex3800_firmware
- rbk852_firmware
- rbs850_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')