CVE-2021-45675 — MEDIUM (5.8)

Q: How severe is CVE-2021-45675?

CVE-2021-45675 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-45675?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear R6120 Firmware, Netgear R6120, Netgear R6260 Firmware, Netgear R6260, Netgear R6850 Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, and AC2600 before 1.2.0.76.

CVSS Score

5.8

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Netgear	R6120 Firmware	< 1.0.0.76
Netgear	R6120	-
Netgear	R6260 Firmware	< 1.1.0.78
Netgear	R6260	-
Netgear	R6850 Firmware	< 1.1.0.78
Netgear	R6850	-
Netgear	R6350 Firmware	< 1.1.0.78
Netgear	R6350	-
Netgear	R6330 Firmware	< 1.1.0.78
Netgear	R6330	-
Netgear	R6800 Firmware	< 1.2.0.76
Netgear	R6800	-
Netgear	R6700V2 Firmware	< 1.2.0.76
Netgear	R6700V2	-
Netgear	R6900V2 Firmware	< 1.2.0.76
Netgear	R6900V2	-
Netgear	R7200 Firmware	< 1.2.0.76
Netgear	R7200	-
Netgear	R7350 Firmware	< 1.2.0.76
Netgear	R7350	-

Related Weaknesses (CWE)

CWE-79

References

https://kb.netgear.com/000064116/Security-Advisory-for-Stored-Cross-Site-ScriptiPatchVendor Advisory
https://kb.netgear.com/000064116/Security-Advisory-for-Stored-Cross-Site-ScriptiPatchVendor Advisory

FAQ

What is CVE-2021-45675?

CVE-2021-45675 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.7...

How severe is CVE-2021-45675?

CVE-2021-45675 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45675?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear R6120 Firmware, Netgear R6120, Netgear R6260 Firmware, Netgear R6260, Netgear R6850 Firmware.