← Voltar para CVEs
CVE-2017-18784
MEDIUM6.1
Descricao
Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.
Detalhes CVE
Pontuacao CVSS v3.16.1
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado4/22/2020
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
netgear:d6200netgear:d6200_firmwarenetgear:d7000netgear:d7000_firmwarenetgear:jnr1010netgear:jnr1010_firmwarenetgear:jwnr2010netgear:jwnr2010_firmwarenetgear:pr2000netgear:pr2000_firmwarenetgear:r6020netgear:r6020_firmwarenetgear:r6050netgear:r6050_firmwarenetgear:r6080netgear:r6080_firmwarenetgear:r6120netgear:r6120_firmwarenetgear:r6220netgear:r6220_firmwarenetgear:r6700netgear:r6700_firmwarenetgear:r6800netgear:r6800_firmwarenetgear:r6900netgear:r6900_firmwarenetgear:wndr3700netgear:wndr3700_firmwarenetgear:wnr1000netgear:wnr1000_firmwarenetgear:wnr2020netgear:wnr2020_firmwarenetgear:wnr2050netgear:wnr2050_firmware
Fraquezas (CWE)
CWE-79
Referencias
https://kb.netgear.com/000049535/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-PSV-2017-2951(cve@mitre.org)
https://kb.netgear.com/000049535/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-PSV-2017-2951(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.