1. Home
  2. CVE Database
  3. CVE-2021-45673
MEDIUM · 4.8

CVE-2021-45673

Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1...

Vulnerability Description

Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106.

CVSS Score

4.8

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
NetgearR7000 Firmware< 1.0.11.110
NetgearR7000-
NetgearR7900 Firmware< 1.0.4.30
NetgearR7900-
NetgearR8000 Firmware< 1.0.4.62
NetgearR8000-
NetgearRax200 Firmware< 1.0.3.106
NetgearRax200-
NetgearR7000P Firmware< 1.3.3.140
NetgearR7000P-
NetgearRax80 Firmware< 1.0.3.106
NetgearRax80-
NetgearR6900P Firmware< 1.3.3.140
NetgearR6900P-
NetgearRax75 Firmware< 1.0.3.106
NetgearRax75-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2021-45673?

CVE-2021-45673 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1...

How severe is CVE-2021-45673?

CVE-2021-45673 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45673?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear R7000 Firmware, Netgear R7000, Netgear R7900 Firmware, Netgear R7900, Netgear R8000 Firmware.