PT-2020-10643 · NetGear · Rbr40+8

Aircut

·

Published

2020-04-15

·

Updated

2020-04-20

·

CVE-2019-20668

CVSS v3.1

6.0

Medium

VectorAC:L/AV:L/A:N/C:H/I:H/PR:H/S:U/UI:N
Name of the Vulnerable Software and Affected Versions NETGEAR RBR20 versions prior to 2.3.5.26 NETGEAR RBS20 versions prior to 2.3.5.26 NETGEAR RBK20 versions prior to 2.3.5.26 NETGEAR RBR40 versions prior to 2.3.5.30 NETGEAR RBS40 versions prior to 2.3.5.30 NETGEAR RBK40 versions prior to 2.3.5.30 NETGEAR RBR50 versions prior to 2.3.5.30 NETGEAR RBS50 versions prior to 2.3.5.30 NETGEAR RBK50 versions prior to 2.3.5.30
Description The issue is related to stored XSS, which affects certain NETGEAR devices.
Recommendations For RBR20 versions prior to 2.3.5.26, update to version 2.3.5.26 or later. For RBS20 versions prior to 2.3.5.26, update to version 2.3.5.26 or later. For RBK20 versions prior to 2.3.5.26, update to version 2.3.5.26 or later. For RBR40 versions prior to 2.3.5.30, update to version 2.3.5.30 or later. For RBS40 versions prior to 2.3.5.30, update to version 2.3.5.30 or later. For RBK40 versions prior to 2.3.5.30, update to version 2.3.5.30 or later. For RBR50 versions prior to 2.3.5.30, update to version 2.3.5.30 or later. For RBS50 versions prior to 2.3.5.30, update to version 2.3.5.30 or later. For RBK50 versions prior to 2.3.5.30, update to version 2.3.5.30 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2019-20668

Affected Products

Rbk20
Rbk40
Rbk50
Rbr20
Rbr40
Rbr50
Rbs20
Rbs40
Rbs50