Nstarke

**Name of the Vulnerable Software and Affected Versions** NETGEAR D6200 versions prior to 1.1.00.40 NETGEAR D7000 versions prior to 1.0.1.78 NETGEAR R6020 versions prior to 1.0.0.48 NETGEAR R6080 versions prior to 1.0.0.48 NETGEAR R6120 versions prior to 1.0.0.76 NETGEAR R6220 versions prior to 1.1.0.110 NETGEAR R6230 versions prior to 1.1.0.110 NETGEAR R6260 versions prior to 1.1.0.78 NETGEAR R6800 versions prior to 1.2.0.76 NETGEAR R6900v2 versions prior to 1.2.0.76 NETGEAR R6700v2 versions prior to 1.2.0.76 NETGEAR R6850 versions prior to 1.1.0.78 NETGEAR R7200 versions prior to 1.2.0.76 NETGEAR R7350 versions prior to 1.2.0.76 NETGEAR R7400 versions prior to 1.2.0.76 NETGEAR R7450 versions prior to 1.2.0.76 NETGEAR AC2100 versions prior to 1.2.0.76 NETGEAR AC2400 versions prior to 1.2.0.76 NETGEAR AC2600 versions prior to 1.2.0.76 NETGEAR RAX40 versions prior to 1.0.3.62 **Description** The issue is related to Stored XSS, which exists due to inadequate protection of the web page structure. This allows a remote attacker to impact the confidentiality and integrity of protected information. **Recommendations** For NETGEAR D6200 versions prior to 1.1.00.40, update to version 1.1.00.40 or later. For NETGEAR D7000 versions prior to 1.0.1.78, update to version 1.0.1.78 or later. For NETGEAR R6020 versions prior to 1.0.0.48, update to version 1.0.0.48 or later. For NETGEAR R6080 versions prior to 1.0.0.48, update to version 1.0.0.48 or later. For NETGEAR R6120 versions prior to 1.0.0.76, update to version 1.0.0.76 or later. For NETGEAR R6220 versions prior to 1.1.0.110, update to version 1.1.0.110 or later. For NETGEAR R6230 versions prior to 1.1.0.110, update to version 1.1.0.110 or later. For NETGEAR R6260 versions prior to 1.1.0.78, update to version 1.1.0.78 or later. For NETGEAR R6800 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR R6900v2 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR R6700v2 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR R6850 versions prior to 1.1.0.78, update to version 1.1.0.78 or later. For NETGEAR R7200 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR R7350 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR R7400 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR R7450 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR AC2100 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR AC2400 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR AC2600 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For NETGEAR RAX40 versions prior to 1.0.3.62, update to version 1.0.3.62 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6250 versions prior to 1.0.4.36 NETGEAR R6300v2 versions prior to 1.0.4.36 NETGEAR R6400 versions prior to 1.0.1.50 NETGEAR R6400v2 versions prior to 1.0.2.66 NETGEAR R6700v3 versions prior to 1.0.2.66 NETGEAR R6700 versions prior to 1.0.2.8 NETGEAR R6900 versions prior to 1.0.2.8 NETGEAR R7000 versions prior to 1.0.9.88 NETGEAR R6900P versions prior to 1.3.2.132 NETGEAR R7100LG versions prior to 1.0.0.52 NETGEAR R7900 versions prior to 1.0.3.10 NETGEAR R8000 versions prior to 1.0.4.46 NETGEAR R7900P versions prior to 1.4.1.50 NETGEAR R8000P versions prior to 1.4.1.50 NETGEAR RAX80 versions prior to 1.0.1.40 **Description** Certain NETGEAR devices are affected by command injection by an authenticated user. **Recommendations** For NETGEAR R6250 version prior to 1.0.4.36, update to version 1.0.4.36 or later. For NETGEAR R6300v2 version prior to 1.0.4.36, update to version 1.0.4.36 or later. For NETGEAR R6400 version prior to 1.0.1.50, update to version 1.0.1.50 or later. For NETGEAR R6400v2 version prior to 1.0.2.66, update to version 1.0.2.66 or later. For NETGEAR R6700v3 version prior to 1.0.2.66, update to version 1.0.2.66 or later. For NETGEAR R6700 version prior to 1.0.2.8, update to version 1.0.2.8 or later. For NETGEAR R6900 version prior to 1.0.2.8, update to version 1.0.2.8 or later. For NETGEAR R7000 version prior to 1.0.9.88, update to version 1.0.9.88 or later. For NETGEAR R6900P version prior to 1.3.2.132, update to version 1.3.2.132 or later. For NETGEAR R7100LG version prior to 1.0.0.52, update to version 1.0.0.52 or later. For NETGEAR R7900 version prior to 1.0.3.10, update to version 1.0.3.10 or later. For NETGEAR R8000 version prior to 1.0.4.46, update to version 1.0.4.46 or later. For NETGEAR R7900P version prior to 1.4.1.50, update to version 1.4.1.50 or later. For NETGEAR R8000P version prior to 1.4.1.50, update to version 1.4.1.50 or later. For NETGEAR RAX80 version prior to 1.0.1.40, update to version 1.0.1.40 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6400 versions prior to 1.0.1.50 NETGEAR R7900P versions prior to 1.4.1.50 NETGEAR R8000P versions prior to 1.4.1.50 NETGEAR RAX75 versions prior to 1.0.1.62 NETGEAR RAX80 versions prior to 1.0.1.62 **Description** The issue affects certain NETGEAR devices, allowing command injection by an authenticated user. **Recommendations** For NETGEAR R6400 version prior to 1.0.1.50, update to version 1.0.1.50 or later. For NETGEAR R7900P version prior to 1.4.1.50, update to version 1.4.1.50 or later. For NETGEAR R8000P version prior to 1.4.1.50, update to version 1.4.1.50 or later. For NETGEAR RAX75 version prior to 1.0.1.62, update to version 1.0.1.62 or later. For NETGEAR RAX80 version prior to 1.0.1.62, update to version 1.0.1.62 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR RAX40 versions prior to 1.0.3.64 **Description** The issue is related to stored XSS. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** For versions prior to 1.0.3.64, update to version 1.0.3.64 or later to resolve the issue. As a temporary workaround, consider restricting access to the device's web interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** D6200 versions prior to 1.1.00.40 D7000 versions prior to 1.0.1.78 R6020 versions prior to 1.0.0.48 R6080 versions prior to 1.0.0.48 R6120 versions prior to 1.0.0.76 R6260 versions prior to 1.1.0.78 R6700v2 versions prior to 1.2.0.76 R6800 versions prior to 1.2.0.76 R6900v2 versions prior to 1.2.0.76 R6850 versions prior to 1.1.0.78 R7200 versions prior to 1.2.0.76 R7350 versions prior to 1.2.0.76 R7400 versions prior to 1.2.0.76 R7450 versions prior to 1.2.0.76 AC2100 versions prior to 1.2.0.76 AC2400 versions prior to 1.2.0.76 AC2600 versions prior to 1.2.0.76 RAX35 versions prior to 1.0.3.62 RAX40 versions prior to 1.0.3.62 **Description** Certain NETGEAR devices are affected by stored XSS. **Recommendations** For D6200 versions prior to 1.1.00.40, update to version 1.1.00.40 or later. For D7000 versions prior to 1.0.1.78, update to version 1.0.1.78 or later. For R6020 versions prior to 1.0.0.48, update to version 1.0.0.48 or later. For R6080 versions prior to 1.0.0.48, update to version 1.0.0.48 or later. For R6120 versions prior to 1.0.0.76, update to version 1.0.0.76 or later. For R6260 versions prior to 1.1.0.78, update to version 1.1.0.78 or later. For R6700v2 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For R6800 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For R6900v2 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For R6850 versions prior to 1.1.0.78, update to version 1.1.0.78 or later. For R7200 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For R7350 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For R7400 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For R7450 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For AC2100 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For AC2400 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For AC2600 versions prior to 1.2.0.76, update to version 1.2.0.76 or later. For RAX35 versions prior to 1.0.3.62, update to version 1.0.3.62 or later. For RAX40 versions prior to 1.0.3.62, update to version 1.0.3.62 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR D6200 versions prior to 1.1.00.40 NETGEAR D7000 versions prior to 1.0.1.78 NETGEAR R6020 versions prior to 1.0.0.48 NETGEAR R6080 versions prior to 1.0.0.48 NETGEAR R6120 versions prior to 1.0.0.66 NETGEAR R6260 versions prior to 1.1.0.78 NETGEAR R6700v2 versions prior to 1.2.0.76 NETGEAR R6800 versions prior to 1.2.0.76 NETGEAR R6900v2 versions prior to 1.2.0.76 NETGEAR R6850 versions prior to 1.1.0.78 NETGEAR R7200 versions prior to 1.2.0.76 NETGEAR R7350 versions prior to 1.2.0.76 NETGEAR R7400 versions prior to 1.2.0.76 NETGEAR R7450 versions prior to 1.2.0.76 NETGEAR AC2100 versions prior to 1.2.0.76 NETGEAR AC2400 versions prior to 1.2.0.76 NETGEAR AC2600 versions prior to 1.2.0.76 NETGEAR RAX35 versions prior to 1.0.3.62 NETGEAR RAX40 versions prior to 1.0.3.62 **Description** The issue is related to stored XSS, affecting various NETGEAR devices. **Recommendations** Update D6200 to version 1.1.00.40 or later Update D7000 to version 1.0.1.78 or later Update R6020 to version 1.0.0.48 or later Update R6080 to version 1.0.0.48 or later Update R6120 to version 1.0.0.66 or later Update R6260 to version 1.1.0.78 or later Update R6700v2 to version 1.2.0.76 or later Update R6800 to version 1.2.0.76 or later Update R6900v2 to version 1.2.0.76 or later Update R6850 to version 1.1.0.78 or later Update R7200 to version 1.2.0.76 or later Update R7350 to version 1.2.0.76 or later Update R7400 to version 1.2.0.76 or later Update R7450 to version 1.2.0.76 or later Update AC2100 to version 1.2.0.76 or later Update AC2400 to version 1.2.0.76 or later Update AC2600 to version 1.2.0.76 or later Update RAX35 to version 1.0.3.62 or later Update RAX40 to version 1.0.3.62 or later

**Name of the Vulnerable Software and Affected Versions** NETGEAR D6200 versions 1.1.00.39 and earlier NETGEAR D7000 versions 1.0.1.77 and earlier NETGEAR R6020 versions 1.0.0.47 and earlier NETGEAR R6080 versions 1.0.0.47 and earlier NETGEAR R6120 versions 1.0.0.65 and earlier NETGEAR R6260 versions 1.1.0.77 and earlier NETGEAR R6700v2 versions 1.2.0.75 and earlier NETGEAR R6800 versions 1.2.0.75 and earlier NETGEAR R6900v2 versions 1.2.0.75 and earlier NETGEAR R6850 versions 1.1.0.77 and earlier NETGEAR R7200 versions 1.2.0.75 and earlier NETGEAR R7350 versions 1.2.0.75 and earlier NETGEAR R7400 versions 1.2.0.75 and earlier NETGEAR R7450 versions 1.2.0.75 and earlier NETGEAR AC2100 versions 1.2.0.75 and earlier NETGEAR AC2400 versions 1.2.0.75 and earlier NETGEAR AC2600 versions 1.2.0.75 and earlier NETGEAR RAX40 versions 1.0.3.61 and earlier **Description** The issue is related to stored XSS, which affects certain NETGEAR devices. **Recommendations** For NETGEAR D6200 version 1.1.00.39 and earlier, update to version 1.1.00.40 or later. For NETGEAR D7000 version 1.0.1.77 and earlier, update to version 1.0.1.78 or later. For NETGEAR R6020 version 1.0.0.47 and earlier, update to version 1.0.0.48 or later. For NETGEAR R6080 version 1.0.0.47 and earlier, update to version 1.0.0.48 or later. For NETGEAR R6120 version 1.0.0.65 and earlier, update to version 1.0.0.66 or later. For NETGEAR R6260 version 1.1.0.77 and earlier, update to version 1.1.0.78 or later. For NETGEAR R6700v2 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR R6800 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR R6900v2 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR R6850 version 1.1.0.77 and earlier, update to version 1.1.0.78 or later. For NETGEAR R7200 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR R7350 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR R7400 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR R7450 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR AC2100 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR AC2400 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR AC2600 version 1.2.0.75 and earlier, update to version 1.2.0.76 or later. For NETGEAR RAX40 version 1.0.3.61 and earlier, update to version 1.0.3.62 or later.

Name of the Vulnerable Software and Affected Versions: NETGEAR GS808E versions prior to 1.7.1.0 Description: The issue is related to a lack of protection for service data in the firmware of NETGEAR GS808E switches, which can be exploited to cause a denial of service. Recommendations: For versions prior to 1.7.1.0, update to version 1.7.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NETGEAR GS105Ev2 versions prior to 1.6.0.4 NETGEAR GS105PE versions prior to 1.6.0.4 NETGEAR GS408EPP versions prior to 1.0.0.15 NETGEAR GS808E versions prior to 1.7.0.7 NETGEAR GS908E versions prior to 1.7.0.3 NETGEAR GSS108E versions prior to 1.6.0.4 NETGEAR GSS108EPP versions prior to 1.0.0.15 **Description** The issue is a buffer overflow that can be exploited by an unauthenticated attacker. **Recommendations** For NETGEAR GS105Ev2 versions prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS105PE versions prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS408EPP versions prior to 1.0.0.15, update to version 1.0.0.15 or later. For NETGEAR GS808E versions prior to 1.7.0.7, update to version 1.7.0.7 or later. For NETGEAR GS908E versions prior to 1.7.0.3, update to version 1.7.0.3 or later. For NETGEAR GSS108E versions prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GSS108EPP versions prior to 1.0.0.15, update to version 1.0.0.15 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R8900 versions prior to 1.0.5.2 NETGEAR R9000 versions prior to 1.0.5.2 NETGEAR XR500 versions prior to 2.3.2.56 NETGEAR XR700 versions prior to 1.0.1.20 **Description** The issue affects certain NETGEAR devices, causing a denial of service. **Recommendations** For R8900, update to version 1.0.5.2 or later. For R9000, update to version 1.0.5.2 or later. For XR500, update to version 2.3.2.56 or later. For XR700, update to version 1.0.1.20 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR FS728TLP versions prior to 1.0.1.26 NETGEAR GS105Ev2 versions prior to 1.6.0.4 NETGEAR GS105PE versions prior to 1.6.0.4 NETGEAR GS108Ev3 versions prior to 2.06.08 NETGEAR GS108PEv3 versions prior to 2.06.08 NETGEAR GS110EMX versions prior to 1.0.1.4 NETGEAR GS116Ev2 versions prior to 2.6.0.35 NETGEAR GS408EPP versions prior to 1.0.0.15 NETGEAR GS724TPv2 versions prior to 1.1.1.29 NETGEAR GS808E versions prior to 1.7.0.7 NETGEAR GS810EMX versions prior to 1.7.1.1 NETGEAR GS908E versions prior to 1.7.0.3 NETGEAR GSS108E versions prior to 1.6.0.4 NETGEAR GSS108EPP versions prior to 1.0.0.15 NETGEAR GSS116E versions prior to 1.6.0.9 NETGEAR JGS516PE versions prior to 2.6.0.35 NETGEAR JGS524Ev2 versions prior to 2.6.0.35 NETGEAR JGS524PE versions prior to 2.6.0.35 NETGEAR XS512EM versions prior to 1.0.1.1 NETGEAR XS708Ev2 versions prior to 1.6.0.23 NETGEAR XS716E versions prior to 1.6.0.23 NETGEAR XS724EM versions prior to 1.0.1.1 **Description** The issue is related to a lack of access control at the function level in certain NETGEAR devices. **Recommendations** For NETGEAR FS728TLP version prior to 1.0.1.26, update to version 1.0.1.26 or later. For NETGEAR GS105Ev2 version prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS105PE version prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GS108Ev3 version prior to 2.06.08, update to version 2.06.08 or later. For NETGEAR GS108PEv3 version prior to 2.06.08, update to version 2.06.08 or later. For NETGEAR GS110EMX version prior to 1.0.1.4, update to version 1.0.1.4 or later. For NETGEAR GS116Ev2 version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR GS408EPP version prior to 1.0.0.15, update to version 1.0.0.15 or later. For NETGEAR GS724TPv2 version prior to 1.1.1.29, update to version 1.1.1.29 or later. For NETGEAR GS808E version prior to 1.7.0.7, update to version 1.7.0.7 or later. For NETGEAR GS810EMX version prior to 1.7.1.1, update to version 1.7.1.1 or later. For NETGEAR GS908E version prior to 1.7.0.3, update to version 1.7.0.3 or later. For NETGEAR GSS108E version prior to 1.6.0.4, update to version 1.6.0.4 or later. For NETGEAR GSS108EPP version prior to 1.0.0.15, update to version 1.0.0.15 or later. For NETGEAR GSS116E version prior to 1.6.0.9, update to version 1.6.0.9 or later. For NETGEAR JGS516PE version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR JGS524Ev2 version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR JGS524PE version prior to 2.6.0.35, update to version 2.6.0.35 or later. For NETGEAR XS512EM version prior to 1.0.1.1, update to version 1.0.1.1 or later. For NETGEAR XS708Ev2 version prior to 1.6.0.23, update to version 1.6.0.23 or later. For NETGEAR XS716E version prior to 1.6.0.23, update to version 1.6.0.23 or later. For NETGEAR XS724EM version prior to 1.0.1.1, update to version 1.0.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR RAX40 versions prior to 1.0.3.62 **Description** The issue is related to stored XSS. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For versions prior to 1.0.3.62, update to version 1.0.3.62 or later to resolve the issue. As a temporary workaround, consider restricting access to the device's web interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NETGEAR RAX40 versions prior to 1.0.3.62 **Description** The issue is related to stored XSS. **Recommendations** For versions prior to 1.0.3.62, update to version 1.0.3.62 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6400v2 versions prior to 1.0.4.84 NETGEAR R6700 versions prior to 1.0.2.8 NETGEAR R6700v3 versions prior to 1.0.4.84 NETGEAR R6900 versions prior to 1.0.2.8 NETGEAR R7900 versions prior to 1.0.3.10 **Description** The issue allows for command injection by an authenticated user. **Recommendations** For R6400v2, update to version 1.0.4.84 or later. For R6700, update to version 1.0.2.8 or later. For R6700v3, update to version 1.0.4.84 or later. For R6900, update to version 1.0.2.8 or later. For R7900, update to version 1.0.3.10 or later.