PT-2020-10721 · NetGear · Rbr50+20
Wayne Chin Yick Low
·
Published
2020-04-16
·
Updated
2020-04-21
·
CVE-2019-20746
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
NETGEAR D3600 versions 1.0.0.0 through 1.0.0.74
NETGEAR D6000 versions 1.0.0.0 through 1.0.0.74
NETGEAR D7800 versions 1.0.0.0 through 1.0.1.43
NETGEAR DM200 versions 1.0.0.0 through 1.0.0.57
NETGEAR R7800 versions 1.0.0.0 through 1.0.2.57
NETGEAR R8900 versions 1.0.0.0 through 1.0.4.11
NETGEAR R9000 versions 1.0.0.0 through 1.0.4.7
NETGEAR RBK20 versions 2.3.0.0 through 2.3.0.27
NETGEAR RBR20 versions 2.3.0.0 through 2.3.0.27
NETGEAR RBS20 versions 2.3.0.0 through 2.3.0.27
NETGEAR RBK40 versions 2.3.0.0 through 2.3.0.27
NETGEAR RBS40 versions 2.3.0.0 through 2.3.0.27
NETGEAR RBK50 versions 2.3.0.0 through 2.3.0.31
NETGEAR RBR50 versions 2.3.0.0 through 2.3.0.31
NETGEAR RBS50 versions 2.3.0.0 through 2.3.0.31
NETGEAR WN3000RPv2 versions 1.0.0.0 through 1.0.0.67
NETGEAR WN3000RPv3 versions 1.0.0.0 through 1.0.2.69
NETGEAR WN3100RPv2 versions 1.0.0.0 through 1.0.0.59
NETGEAR WNDR4300v2 versions 1.0.0.0 through 1.0.0.57
NETGEAR WNDR4500v3 versions 1.0.0.0 through 1.0.0.57
NETGEAR WNR2000v5 versions 1.0.0.0 through 1.0.0.67
Description
The issue is related to reflected XSS, which affects certain NETGEAR devices.
Recommendations
Update D3600 to version 1.0.0.75 or later.
Update D6000 to version 1.0.0.75 or later.
Update D7800 to version 1.0.1.44 or later.
Update DM200 to version 1.0.0.58 or later.
Update R7800 to version 1.0.2.58 or later.
Update R8900 to version 1.0.4.12 or later.
Update R9000 to version 1.0.4.8 or later.
Update RBK20 to version 2.3.0.28 or later.
Update RBR20 to version 2.3.0.28 or later.
Update RBS20 to version 2.3.0.28 or later.
Update RBK40 to version 2.3.0.28 or later.
Update RBS40 to version 2.3.0.28 or later.
Update RBK50 to version 2.3.0.32 or later.
Update RBR50 to version 2.3.0.32 or later.
Update RBS50 to version 2.3.0.32 or later.
Update WN3000RPv2 to version 1.0.0.68 or later.
Update WN3000RPv3 to version 1.0.2.70 or later.
Update WN3100RPv2 to version 1.0.0.60 or later.
Update WNDR4300v2 to version 1.0.0.58 or later.
Update WNDR4500v3 to version 1.0.0.58 or later.
Update WNR2000v5 to version 1.0.0.68 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D3600
D6000
D7800
Dm200
R7800
R8900
R9000
Rbk20
Rbk40
Rbk50
Rbr20
Rbr50
Rbs20
Rbs40
Rbs50
Wn3000Rpv2
Wn3000Rpv3
Wn3100Rpv2
Wndr4300V2
Wndr4500V3
Wnr2000V5