PT-2021-6210 · NetGear · Netgear R6900V2+14
Published
2021-09-26
·
Updated
2022-01-06
·
CVE-2021-45675
CVSS v2.0
7.0
High
| Vector | AV:N/AC:M/Au:S/C:C/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
NETGEAR R6120 versions prior to 1.0.0.76
NETGEAR R6260 versions prior to 1.1.0.78
NETGEAR R6850 versions prior to 1.1.0.78
NETGEAR R6350 versions prior to 1.1.0.78
NETGEAR R6330 versions prior to 1.1.0.78
NETGEAR R6800 versions prior to 1.2.0.76
NETGEAR R6700v2 versions prior to 1.2.0.76
NETGEAR R6900v2 versions prior to 1.2.0.76
NETGEAR R7200 versions prior to 1.2.0.76
NETGEAR R7350 versions prior to 1.2.0.76
NETGEAR R7400 versions prior to 1.2.0.76
NETGEAR R7450 versions prior to 1.2.0.76
NETGEAR AC2100 versions prior to 1.2.0.76
NETGEAR AC2400 versions prior to 1.2.0.76
NETGEAR AC2600 versions prior to 1.2.0.76
Description
The issue exists due to inadequate protection of the web page structure, allowing a remote attacker to impact the confidentiality and integrity of protected information. This is a stored XSS issue.
Recommendations
For NETGEAR R6120 version prior to 1.0.0.76, update to version 1.0.0.76 or later.
For NETGEAR R6260 version prior to 1.1.0.78, update to version 1.1.0.78 or later.
For NETGEAR R6850 version prior to 1.1.0.78, update to version 1.1.0.78 or later.
For NETGEAR R6350 version prior to 1.1.0.78, update to version 1.1.0.78 or later.
For NETGEAR R6330 version prior to 1.1.0.78, update to version 1.1.0.78 or later.
For NETGEAR R6800 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR R6700v2 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR R6900v2 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR R7200 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR R7350 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR R7400 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR R7450 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR AC2100 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR AC2400 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
For NETGEAR AC2600 version prior to 1.2.0.76, update to version 1.2.0.76 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netgear Ac2100
Netgear Ac2400
Netgear Ac2600
Netgear R6120
Netgear R6260
Netgear R6330
Netgear R6350
Netgear R6700V2
Netgear R6800
Netgear R6850
Netgear R6900V2
Netgear R7200
Netgear R7350
Netgear R7400
Netgear R7450