CVE-2021-45676
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
22.7%
Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 before 1.0.2.82, RAX80 before 1.0.5.126, RAX15 before 1.0.2.82, and RAX75 before 1.0.5.126.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| netgear | rax200_firmware | * | cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:* |
| netgear | rax200 | - | cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:* |
| netgear | rax20_firmware | * | cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:* |
| netgear | rax20 | - | cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:* |
| netgear | rax80_firmware | * | cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:* |
| netgear | rax80 | - | cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:* |
| netgear | rax15_firmware | * | cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:* |
| netgear | rax15 | - | cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:* |
| netgear | rax75_firmware | * | cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:* |
| netgear | rax75 | - | cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
22.7%