Vulnerability Description
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | D7800 Firmware | < 1.0.1.47 |
| Netgear | D7800 | - |
| Netgear | Ex6100 Firmware | < 1.0.1.76 |
| Netgear | Ex6100 | v2 |
| Netgear | Ex6150 Firmware | < 1.0.1.76 |
| Netgear | Ex6150 | v2 |
| Netgear | R7500 Firmware | < 1.0.3.38 |
| Netgear | R7500 | v2 |
| Netgear | R7800 Firmware | < 1.0.2.52 |
| Netgear | R7800 | - |
| Netgear | R8900 Firmware | < 1.0.4.12 |
| Netgear | R8900 | - |
| Netgear | R9000 Firmware | < 1.0.4.12 |
| Netgear | R9000 | - |
| Netgear | Wn2000Rpt Firmware | < 1.0.1.32 |
| Netgear | Wn2000Rpt | v3 |
| Netgear | Wn3000Rp Firmware | < 1.0.2.70 |
| Netgear | Wn3000Rp | v3 |
| Netgear | Wn3100Rp Firmware | < 1.0.0.66 |
| Netgear | Wn3100Rp | v2 |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000060966/Security-Advisory-for-Stored-Cross-Site-ScriptiVendor Advisory
- https://kb.netgear.com/000060966/Security-Advisory-for-Stored-Cross-Site-ScriptiVendor Advisory
FAQ
What is CVE-2019-20750?
CVE-2019-20750 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1....
How severe is CVE-2019-20750?
CVE-2019-20750 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-20750?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear D7800 Firmware, Netgear D7800, Netgear Ex6100 Firmware, Netgear Ex6100, Netgear Ex6150 Firmware.