Published: 24/04/2020 Updated: 28/04/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Certain NETGEAR devices are affected by stored XSS. This affects D6400 prior to 1.0.0.60, D7000 prior to 1.0.1.50, D8500 prior to 1.0.3.29, EX6200 prior to 1.0.3.84, EX7000 prior to 1.0.0.60, R6250 prior to 1.0.4.16, R6300v2 prior to 1.0.4.18, R6400 prior to 1.01.32, R6400v2 prior to 1.0.2.44, R6700 prior to 1.0.1.36, R6900 prior to 1.0.1.34, R6900P prior to 1.3.0.8, R7000 prior to 1.0.9.14, R7000P prior to 1.3.0.8, R7100LG prior to 1.0.0.34, R7300DST prior to 1.0.0.56, R7900 prior to 1.0.1.26, R8000 prior to 1.0.4.4, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, R9000 prior to 1.0.2.52, WNDR3400v3 prior to 1.0.1.16, WNR3500Lv2 prior to 1.2.0.46, and WNDR3700v5 prior to 1.1.0.48.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netgear d6400_firmware
netgear d7000_firmware
netgear d8500_firmware
netgear ex6200_firmware
netgear ex7000_firmware
netgear r6250_firmware
netgear r6300_firmware
netgear r6400_firmware
netgear r6700_firmware
netgear r6900_firmware
netgear r6900p_firmware
netgear r7000_firmware
netgear r7000p_firmware
netgear r7100lg_firmware
netgear r7300dst_firmware
netgear r7900_firmware
netgear r8000_firmware
netgear r8300_firmware
netgear r8500_firmware
netgear r9000_firmware
netgear wndr3400_firmware
netgear wnr3500l_firmware
netgear wndr3700_firmware

CWE-79 https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342 https://nvd.nist.gov

CVE-2017-18700

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect