CVE-2017-18866 Information

Feb 14, 2021 cve

Description

Certain NETGEAR devices are affected by stored XSS. This affects R9000 before 1.0.2.40 R6100 before 1.0.1.1 6R7500 before 1.0.0.110 R7500v2 before 1.0.3.20 R7800 before 1.0.2.36 WNDR4300v2 before 1.0.0.48 and WNR2000v5 before 1.0.0.58.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

https://kb.netgear.com/000051472/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-PSV-2016-0100

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1

Share on: