PT-2020-10689 · NetGear · Rbr50+20
Wayne Low
·
Published
2020-04-16
·
Updated
2020-04-22
·
CVE-2019-20714
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
NETGEAR D3600 versions 1.0.0.0 through 1.0.0.74
NETGEAR D6000 versions 1.0.0.0 through 1.0.0.74
NETGEAR D7800 versions 1.0.0.0 through 1.0.1.43
NETGEAR DM200 versions 1.0.0.0 through 1.0.0.57
NETGEAR R7500v2 versions 1.0.0.0 through 1.0.3.39
NETGEAR R7800 versions 1.0.0.0 through 1.0.2.59
NETGEAR R8900 versions 1.0.0.0 through 1.0.4.11
NETGEAR R9000 versions 1.0.0.0 through 1.0.4.11
NETGEAR RBK20 versions 2.3.0.0 through 2.3.0.21
NETGEAR RBR20 versions 2.3.0.0 through 2.3.0.21
NETGEAR RBS20 versions 2.3.0.0 through 2.3.0.21
NETGEAR RBK50 versions 2.3.0.0 through 2.3.0.21
NETGEAR RBR50 versions 2.3.0.0 through 2.3.0.21
NETGEAR RBS50 versions 2.3.0.0 through 2.3.0.21
NETGEAR RBS40 versions 2.3.0.0 through 2.3.0.21
NETGEAR WN3000RPv2 versions 1.0.0.0 through 1.0.0.67
NETGEAR WN3000RPv3 versions 1.0.0.0 through 1.0.2.69
NETGEAR WN3100RPv2 versions 1.0.0.0 through 1.0.0.59
NETGEAR WNDR4300v2 versions 1.0.0.0 through 1.0.0.57
NETGEAR WNDR4500v3 versions 1.0.0.0 through 1.0.0.57
NETGEAR WNR2000v5 versions 1.0.0.0 through 1.0.0.67
Description
The issue is related to stored XSS, which affects certain NETGEAR devices.
Recommendations
Update NETGEAR D3600 to version 1.0.0.75 or later.
Update NETGEAR D6000 to version 1.0.0.75 or later.
Update NETGEAR D7800 to version 1.0.1.44 or later.
Update NETGEAR DM200 to version 1.0.0.58 or later.
Update NETGEAR R7500v2 to version 1.0.3.40 or later.
Update NETGEAR R7800 to version 1.0.2.60 or later.
Update NETGEAR R8900 to version 1.0.4.12 or later.
Update NETGEAR R9000 to version 1.0.4.12 or later.
Update NETGEAR RBK20 to version 2.3.0.22 or later.
Update NETGEAR RBR20 to version 2.3.0.22 or later.
Update NETGEAR RBS20 to version 2.3.0.22 or later.
Update NETGEAR RBK50 to version 2.3.0.22 or later.
Update NETGEAR RBR50 to version 2.3.0.22 or later.
Update NETGEAR RBS50 to version 2.3.0.22 or later.
Update NETGEAR RBS40 to version 2.3.0.22 or later.
Update NETGEAR WN3000RPv2 to version 1.0.0.68 or later.
Update NETGEAR WN3000RPv3 to version 1.0.2.70 or later.
Update NETGEAR WN3100RPv2 to version 1.0.0.60 or later.
Update NETGEAR WNDR4300v2 to version 1.0.0.58 or later.
Update NETGEAR WNDR4500v3 to version 1.0.0.58 or later.
Update NETGEAR WNR2000v5 to version 1.0.0.68 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D3600
D6000
D7800
Dm200
R7500V2
R7800
R8900
R9000
Rbk20
Rbk50
Rbr20
Rbr50
Rbs20
Rbs40
Rbs50
Wn3000Rpv2
Wn3000Rpv3
Wn3100Rpv2
Wndr4300V2
Wndr4500V3
Wnr2000V5