CVE-2019-20752

Name of the Vulnerable Software and Affected Versions D3600 versions 1.0.0.0 through 1.0.0.74 D6000 versions 1.0.0.0 through 1.0.0.74 D7800 versions 1.0.0.0 through 1.0.1.43 DM200 versions 1.0.0.0 through 1.0.0.57 R7800 versions 1.0.0.0 through 1.0.2.57 R8900 versions 1.0.0.0 through 1.0.4.11 R9000 versions 1.0.0.0 through 1.0.4.11 RBK20 versions 2.3.0.0 through 2.3.0.27 RBR20 versions 2.3.0.0 through 2.3.0.27 RBS20 versions 2.3.0.0 through 2.3.0.27 RBK40 versions 2.3.0.0 through 2.3.0.27 RBS40 versions 2.3.0.0 through 2.3.0.27 RBK50 versions 2.3.0.0 through 2.3.0.31 RBR50 versions 2.3.0.0 through 2.3.0.31 RBS50 versions 2.3.0.0 through 2.3.0.31 WN3000RPv2 versions 1.0.0.0 through 1.0.0.67 WN3000RPv3 versions 1.0.0.0 through 1.0.2.69 WN3100RPv2 versions 1.0.0.0 through 1.0.0.59 WNDR4300v2 versions 1.0.0.0 through 1.0.0.57 WNDR4500v3 versions 1.0.0.0 through 1.0.0.57 WNR2000v5 versions 1.0.0.0 through 1.0.0.67

Description The issue is related to stored XSS, which affects certain NETGEAR devices.

Recommendations Update D3600 to version 1.0.0.75 or later. Update D6000 to version 1.0.0.75 or later. Update D7800 to version 1.0.1.44 or later. Update DM200 to version 1.0.0.58 or later. Update R7800 to version 1.0.2.58 or later. Update R8900 to version 1.0.4.12 or later. Update R9000 to version 1.0.4.12 or later. Update RBK20 to version 2.3.0.28 or later. Update RBR20 to version 2.3.0.28 or later. Update RBS20 to version 2.3.0.28 or later. Update RBK40 to version 2.3.0.28 or later. Update RBS40 to version 2.3.0.28 or later. Update RBK50 to version 2.3.0.32 or later. Update RBR50 to version 2.3.0.32 or later. Update RBS50 to version 2.3.0.32 or later. Update WN3000RPv2 to version 1.0.0.68 or later. Update WN3000RPv3 to version 1.0.2.70 or later. Update WN3100RPv2 to version 1.0.0.60 or later. Update WNDR4300v2 to version 1.0.0.58 or later. Update WNDR4500v3 to version 1.0.0.58 or later. Update WNR2000v5 to version 1.0.0.68 or later.