CVE-2021-45673
MEDIUM WAF: High
CVSS 5.4
Published: 2021-12-26
CWE-79
Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106.
WAF Coverage Analysis
Cross-Site Scripting (XSS)
High WAF Coverage
OWASP: A03:2021 Injection
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| netgear | r7000_firmware | up to 1.0.11.110 |
| netgear | r7900_firmware | up to 1.0.4.30 |
| netgear | r8000_firmware | up to 1.0.4.62 |
| netgear | rax200_firmware | up to 1.0.3.106 |
| netgear | r7000p_firmware | up to 1.3.3.140 |
| netgear | rax80_firmware | up to 1.0.3.106 |
| netgear | r6900p_firmware | up to 1.3.3.140 |
| netgear | rax75_firmware | up to 1.0.3.106 |
References
- kb.netgear.com (Patch, Vendor Advisory)