Vulnerability Description
Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | D3600 Firmware | < 1.0.0.76 |
| Netgear | D3600 | - |
| Netgear | D6000 Firmware | < 1.0.0.76 |
| Netgear | D6000 | - |
| Netgear | D6100 Firmware | < 1.0.0.63 |
| Netgear | D6100 | - |
| Netgear | D7800 Firmware | < 1.0.1.47 |
| Netgear | D7800 | - |
| Netgear | Dm200 Firmware | < 1.0.0.61 |
| Netgear | Dm200 | - |
| Netgear | R7500 Firmware | < 1.0.3.40 |
| Netgear | R7500 | v2 |
| Netgear | R7800 Firmware | < 1.0.2.60 |
| Netgear | R7800 | - |
| Netgear | Rbk50 Firmware | < 2.3.0.32 |
| Netgear | Rbk50 | - |
| Netgear | Rbr50 Firmware | < 2.3.0.32 |
| Netgear | Rbr50 | - |
| Netgear | Rbs50 Firmware | < 2.3.0.32 |
| Netgear | Rbs50 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000061213/Security-Advisory-for-Stored-Cross-Site-ScriptiVendor Advisory
- https://kb.netgear.com/000061213/Security-Advisory-for-Stored-Cross-Site-ScriptiVendor Advisory
FAQ
What is CVE-2019-20715?
CVE-2019-20715 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3...
How severe is CVE-2019-20715?
CVE-2019-20715 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-20715?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear D3600 Firmware, Netgear D3600, Netgear D6000 Firmware, Netgear D6000, Netgear D6100 Firmware.