CVE-2021-45670

Published at:
2021-12-26T01:15:21.007
Source: [email protected]

Global infos:

Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityHIGH
    Attack VectorADJACENT_NETWORK
    Availability ImpactLOW
    Base Score6.5
    Base SeverityMEDIUM
    Confidentiality ImpactLOW
    Integrity ImpactHIGH
    Privileges RequiredHIGH
    ScopeCHANGED
    User InteractionREQUIRED
    Vector StringCVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
    Exploitability Score0.7
    Impact Score5.3
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords