CVE-2021-45673
MEDIUM4.8CVSS v3
3.5CVSS v2
0.20%
EPSS (exploit probability)
CWE-79CWE
Description
Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106.
CVSS v3 vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected routers (3)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| Netgear | Netgear Nighthawk R7000 | — |
versionEndExcluding=1.0.11.110 | 1.0.11.110 | Patched |
| Netgear | Netgear Nighthawk RAX200 | — |
versionEndExcluding=1.0.3.106 | 1.0.3.106 | Patched |
| Netgear | Netgear Nighthawk RAX80 | — |
versionEndExcluding=1.0.3.106 | 1.0.3.106 | Patched |