Lucene search

MitreCVELIST:CVE-2021-45665

HistoryDec 26, 2021 - 12:26 a.m.

CVE-2021-45665

2021-12-2600:26:16

mitre

www.cve.org

netgear

stored xss

eax20

eax80

ex3700

ex3800

ex6120

ex6130

ex7500

rbw30

rbk752

rbr750

rbs750

rbk852

rbr850

rbs850

rbs40v

vulnerability

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

EPSS

0.001

Percentile

22.7%

JSON

Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.

References

kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

EPSS

0.001

Percentile

22.7%

JSON

Related for CVELIST:CVE-2021-45665