CVE-2021-45671

Name of the Vulnerable Software and Affected Versions NETGEAR CBR40 versions prior to 2.5.0.10 NETGEAR EAX80 versions prior to 1.0.1.62 NETGEAR EX7500 versions prior to 1.0.0.72 NETGEAR R7900 versions prior to 1.0.4.38 NETGEAR R8000 versions prior to 1.0.4.68 NETGEAR RAX200 versions prior to 1.0.4.120 NETGEAR RBS40V versions prior to 2.6.1.4 NETGEAR RBW30 versions prior to 2.6.1.4 NETGEAR MR60 versions prior to 1.0.6.110 NETGEAR RAX20 versions prior to 1.0.2.82 NETGEAR RAX45 versions prior to 1.0.2.72 NETGEAR RAX80 versions prior to 1.0.4.120 NETGEAR MS60 versions prior to 1.0.6.110 NETGEAR RAX15 versions prior to 1.0.2.82 NETGEAR RAX50 versions prior to 1.0.2.72 NETGEAR RAX75 versions prior to 1.0.4.120 NETGEAR RBR750 versions prior to 3.2.16.6 NETGEAR RBR850 versions prior to 3.2.16.6 NETGEAR RBS750 versions prior to 3.2.16.6 NETGEAR RBS850 versions prior to 3.2.16.6 NETGEAR RBK752 versions prior to 3.2.16.6 NETGEAR RBK852 versions prior to 3.2.16.6

Description The issue is related to stored XSS, which can allow a remote attacker to perform cross-site scripting attacks due to inadequate protection of the web page structure.

Recommendations As a temporary workaround, consider disabling access to the web interface until a patch is available for the following versions: NETGEAR CBR40 version prior to 2.5.0.10: Update to version 2.5.0.10 or later. NETGEAR EAX80 version prior to 1.0.1.62: Update to version 1.0.1.62 or later. NETGEAR EX7500 version prior to 1.0.0.72: Update to version 1.0.0.72 or later. NETGEAR R7900 version prior to 1.0.4.38: Update to version 1.0.4.38 or later. NETGEAR R8000 version prior to 1.0.4.68: Update to version 1.0.4.68 or later. NETGEAR RAX200 version prior to 1.0.4.120: Update to version 1.0.4.120 or later. NETGEAR RBS40V version prior to 2.6.1.4: Update to version 2.6.1.4 or later. NETGEAR RBW30 version prior to 2.6.1.4: Update to version 2.6.1.4 or later. NETGEAR MR60 version prior to 1.0.6.110: Update to version 1.0.6.110 or later. NETGEAR RAX20 version prior to 1.0.2.82: Update to version 1.0.2.82 or later. NETGEAR RAX45 version prior to 1.0.2.72: Update to version 1.0.2.72 or later. NETGEAR RAX80 version prior to 1.0.4.120: Update to version 1.0.4.120 or later. NETGEAR MS60 version prior to 1.0.6.110: Update to version 1.0.6.110 or later. NETGEAR RAX15 version prior to 1.0.2.82: Update to version 1.0.2.82 or later. NETGEAR RAX50 version prior to 1.0.2.72: Update to version 1.0.2.72 or later. NETGEAR RAX75 version prior to 1.0.4.120: Update to version 1.0.4.120 or later. NETGEAR RBR750 version prior to 3.2.16.6: Update to version 3.2.16.6 or later. NETGEAR RBR850 version prior to 3.2.16.6: Update to version 3.2.16.6 or later. NETGEAR RBS750 version prior to 3.2.16.6: Update to version 3.2.16.6 or later. NETGEAR RBS850 version prior to 3.2.16.6: Update to version 3.2.16.6 or later. NETGEAR RBK752 version prior to 3.2.16.6: Update to version 3.2.16.6 or later. NETGEAR RBK852 version prior to 3.2.16.6: Update to version 3.2.16.6 or later.