PT-2021-5842 · NetGear · Netgear R7000

Published

2021-12-20

Updated

2022-01-04

CVE-2021-45663

CVSS v2.0

6.8

Medium

Vector

AV:A/AC:M/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions NETGEAR R7000 versions prior to 1.0.11.126

Description The issue is related to stored XSS and is caused by the failure to protect the structure of web pages. This could allow an attacker to perform cross-site scripting attacks.

Recommendations For versions prior to 1.0.11.126, update to version 1.0.11.126 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface of the NETGEAR R7000 device until the update is applied.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2022-00357

CVE-2021-45663

Affected Products

Netgear R7000

PT-2021-5842 · NetGear · Netgear R7000

CVE-2021-45663

Weakness Enumeration

Related Identifiers

Affected Products

References · 4