Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-20715

Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32.

Published

2020-04-16T19:15:24.823

Last Modified

2024-11-21T04:39:10.023

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: SINGLE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

6.8

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System netgear d3600_firmware < 1.0.0.76 Yes
Hardware netgear d3600 - No
Operating System netgear d6000_firmware < 1.0.0.76 Yes
Hardware netgear d6000 - No
Operating System netgear d6100_firmware < 1.0.0.63 Yes
Hardware netgear d6100 - No
Operating System netgear d7800_firmware < 1.0.1.47 Yes
Hardware netgear d7800 - No
Operating System netgear dm200_firmware < 1.0.0.61 Yes
Hardware netgear dm200 - No
Operating System netgear r7500_firmware < 1.0.3.40 Yes
Hardware netgear r7500 v2 No
Operating System netgear r7800_firmware < 1.0.2.60 Yes
Hardware netgear r7800 - No
Operating System netgear rbk50_firmware < 2.3.0.32 Yes
Hardware netgear rbk50 - No
Operating System netgear rbr50_firmware < 2.3.0.32 Yes
Hardware netgear rbr50 - No
Operating System netgear rbs50_firmware < 2.3.0.32 Yes
Hardware netgear rbs50 - No
References