PT-2021-6184 · NetGear · Rbr750+14
Published
2021-09-26
·
Updated
2022-01-06
·
CVE-2021-45665
CVSS v2.0
7.5
High
| Vector | AV:N/AC:M/Au:S/C:P/I:C/A:P |
Name of the Vulnerable Software and Affected Versions
EAX20 versions prior to 1.0.0.36
EAX80 versions prior to 1.0.1.62
EX3700 versions prior to 1.0.0.90
EX3800 versions prior to 1.0.0.90
EX6120 versions prior to 1.0.0.64
EX6130 versions prior to 1.0.0.44
EX7500 versions prior to 1.0.0.72
RBW30 versions prior to 2.6.1.4
RBK752 versions prior to 3.2.16.6
RBR750 versions prior to 3.2.16.6
RBS750 versions prior to 3.2.16.6
RBK852 versions prior to 3.2.16.6
RBR850 versions prior to 3.2.16.6
RBS850 versions prior to 3.2.16.6
RBS40V versions prior to 2.6.1.4
Description
The issue is related to stored XSS, which affects the confidentiality, integrity, and availability of protected information. This occurs due to a lack of protection for the web page structure, allowing a remote attacker to exploit the vulnerability.
Recommendations
For EAX20 versions prior to 1.0.0.36, update to version 1.0.0.36 or later.
For EAX80 versions prior to 1.0.1.62, update to version 1.0.1.62 or later.
For EX3700 versions prior to 1.0.0.90, update to version 1.0.0.90 or later.
For EX3800 versions prior to 1.0.0.90, update to version 1.0.0.90 or later.
For EX6120 versions prior to 1.0.0.64, update to version 1.0.0.64 or later.
For EX6130 versions prior to 1.0.0.44, update to version 1.0.0.44 or later.
For EX7500 versions prior to 1.0.0.72, update to version 1.0.0.72 or later.
For RBW30 versions prior to 2.6.1.4, update to version 2.6.1.4 or later.
For RBK752 versions prior to 3.2.16.6, update to version 3.2.16.6 or later.
For RBR750 versions prior to 3.2.16.6, update to version 3.2.16.6 or later.
For RBS750 versions prior to 3.2.16.6, update to version 3.2.16.6 or later.
For RBK852 versions prior to 3.2.16.6, update to version 3.2.16.6 or later.
For RBR850 versions prior to 3.2.16.6, update to version 3.2.16.6 or later.
For RBS850 versions prior to 3.2.16.6, update to version 3.2.16.6 or later.
For RBS40V versions prior to 2.6.1.4, update to version 2.6.1.4 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Eax20
Eax80
Ex3700
Ex3800
Ex6120
Ex6130
Ex7500
Rbk752
Rbk852
Rbr750
Rbr850
Rbs40V
Rbs750
Rbs850
Rbw30