Vulnerability Description
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | D7800 Firmware | < 1.0.1.56 |
| Netgear | D7800 | - |
| Netgear | R7500 Firmware | < 1.0.3.46 |
| Netgear | R7500 | v2 |
| Netgear | R7800 Firmware | < 1.0.2.68 |
| Netgear | R7800 | - |
| Netgear | R8900 Firmware | < 1.0.4.28 |
| Netgear | R8900 | - |
| Netgear | R9000 Firmware | < 1.0.4.28 |
| Netgear | R9000 | - |
| Netgear | Rax120 Firmware | < 1.0.0.78 |
| Netgear | Rax120 | - |
| Netgear | Xr500 Firmware | < 2.3.2.56 |
| Netgear | Xr500 | - |
| Netgear | Xr700 Firmware | < 1.0.1.10 |
| Netgear | Xr700 | - |
| Netgear | Rbr50 Firmware | < 2.3.5.30 |
| Netgear | Rbr50 | - |
| Netgear | Rbs50 Firmware | < 2.3.5.30 |
| Netgear | Rbs50 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000061744/Security-Advisory-for-Stored-Cross-Site-ScriptiVendor Advisory
- https://kb.netgear.com/000061744/Security-Advisory-for-Stored-Cross-Site-ScriptiVendor Advisory
FAQ
What is CVE-2020-11786?
CVE-2020-11786 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0....
How severe is CVE-2020-11786?
CVE-2020-11786 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11786?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear D7800 Firmware, Netgear D7800, Netgear R7500 Firmware, Netgear R7500, Netgear R7800 Firmware.