Lucene search

MitreCVELIST:CVE-2021-45674

HistoryDec 26, 2021 - 12:24 a.m.

CVE-2021-45674

2021-12-2600:24:15

mitre

www.cve.org

netgear devices

stored xss

r7000

r7900

r8000

rax15

rax20

rax200

rax75

rax80

cve-2021-45674

CVSS3

3.2

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.

References

kb.netgear.com/000064077/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0017

CVSS3

3.2

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Related for CVELIST:CVE-2021-45674