CVE-2021-45668 (GCVE-0-2021-45668)

Vulnerability from cvelistv5 – Published: 2021-12-26 00:25 – Updated: 2024-08-04 04:47
VLAI?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
Severity ?
6.5 (Medium)
CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:47:01.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-26T00:25:40",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-45668",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT",
            "availabilityImpact": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257",
              "refsource": "MISC",
              "url": "https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-45668",
    "datePublished": "2021-12-26T00:25:40",
    "dateReserved": "2021-12-25T00:00:00",
    "dateUpdated": "2024-08-04T04:47:01.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.48\", \"matchCriteriaId\": \"42805332-33C3-49EB-9A55-952FA3E76A0B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9D3B54B-33C0-4E50-AD2B-2097C612F288\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1.64\", \"matchCriteriaId\": \"1344C924-0296-4F49-BF9F-113BB643CDD5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97740F5D-063E-424F-A0FE-09EBE1100975\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.64\", \"matchCriteriaId\": \"9B9DB22D-0775-48CE-A97D-BA3B5873C9F8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C6DFDB6-1D7A-459A-8D30-FD4900ED718B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.44\", \"matchCriteriaId\": \"F747A14B-5331-428E-8B53-724090554E07\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"305E295C-9C73-4798-A0BE-7973E1EE5EAB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.72\", \"matchCriteriaId\": \"3A9F4EEE-E2D2-42B2-BC5C-844055677C1C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44336289-F9DA-4779-8C1A-0221E29E2E2F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.1.66\", \"matchCriteriaId\": \"5B717BA8-81B7-470C-BF20-A4318D063D77\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"091CEDB5-0069-4253-86D8-B9FE17CB9F24\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.3.106\", \"matchCriteriaId\": \"04513F08-329D-446F-A356-29074C1C0BEA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.90\", \"matchCriteriaId\": \"20A423A5-04E9-4323-9818-6C9B78065103\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDAA5899-B73C-4690-853E-B5400F034BE1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.1.66\", \"matchCriteriaId\": \"101031E9-479E-4F86-B83A-19376F8C8A45\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7EF872D-2537-4FEB-8799-499FC9D44339\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.2.82\", \"matchCriteriaId\": \"93EF1D39-E084-40E9-86CF-C590763841A0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7038703C-C79D-4DD4-8B16-E1A5FC6694C0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.2.72\", \"matchCriteriaId\": \"7932C371-669C-43C0-94A4-17BD4BDE8C74\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.3.106\", \"matchCriteriaId\": \"34D7AF28-F117-4E31-AED8-A3179B1BE182\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06B5A85C-3588-4263-B9AD-4E56D3F6CB16\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.90\", \"matchCriteriaId\": \"850D0AE9-A57C-47D3-9D44-7EE24E6F594D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC5488D9-651C-4BAB-A141-06B816690D42\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.1.66\", \"matchCriteriaId\": \"65F881E3-22B3-40D9-A896-51B13FD09EAA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D6A70D-66AF-4064-9F1B-4358D4B1F016\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.2.82\", \"matchCriteriaId\": \"ED73C5EC-C8D3-4206-BCAA-0901F786DD98\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B624B4D3-BCF4-4F95-B401-A88BEC3145A5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.2.72\", \"matchCriteriaId\": \"E3DD37BF-8664-412F-9A71-58880AF20242\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C430976E-24C0-4EA7-BF54-F9C188AB9C01\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.3.106\", \"matchCriteriaId\": \"C0318AD0-52A7-490F-94C1-D07C97370D2C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.\"}, {\"lang\": \"es\", \"value\": \"Determinados dispositivos NETGEAR est\\u00e1n afectados por un ataque de tipo XSS almacenado. Esto afecta a EAX20 versiones anteriores a 1.0.0.48, EAX80 versiones anteriores a 1.0.1.64, EX3700 versiones anteriores a 1.0.0.90, EX3800 versiones anteriores a 1.0.0.90, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, R7960P versiones anteriores a 1.4.1. 66, R7900P versiones anteriores a 1.4.1.66, R8000P versiones anteriores a 1.4.1.66, RAX15 versiones anteriores a 1.0.2.82, RAX20 versiones anteriores a 1.0.2.82, RAX200 versiones anteriores a 1.0.3.106, RAX45 versiones anteriores a 1.0.2.72, RAX50 versiones anteriores a 1.0.2.72, RAX75 versiones anteriores a 1.0.3.106 y RAX80 versiones anteriores a 1.0.3.106\"}]",
      "id": "CVE-2021-45668",
      "lastModified": "2024-11-21T06:32:50.033",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"cve@mitre.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 0.7, \"impactScore\": 5.3}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:P/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2021-12-26T01:15:20.917",
      "references": "[{\"url\": \"https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-45668\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-12-26T01:15:20.917\",\"lastModified\":\"2024-11-21T06:32:50.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.\"},{\"lang\":\"es\",\"value\":\"Determinados dispositivos NETGEAR est\u00e1n afectados por un ataque de tipo XSS almacenado. Esto afecta a EAX20 versiones anteriores a 1.0.0.48, EAX80 versiones anteriores a 1.0.1.64, EX3700 versiones anteriores a 1.0.0.90, EX3800 versiones anteriores a 1.0.0.90, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, R7960P versiones anteriores a 1.4.1. 66, R7900P versiones anteriores a 1.4.1.66, R8000P versiones anteriores a 1.4.1.66, RAX15 versiones anteriores a 1.0.2.82, RAX20 versiones anteriores a 1.0.2.82, RAX200 versiones anteriores a 1.0.3.106, RAX45 versiones anteriores a 1.0.2.72, RAX50 versiones anteriores a 1.0.2.72, RAX75 versiones anteriores a 1.0.3.106 y RAX80 versiones anteriores a 1.0.3.106\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":0.7,\"impactScore\":5.3},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.48\",\"matchCriteriaId\":\"42805332-33C3-49EB-9A55-952FA3E76A0B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9D3B54B-33C0-4E50-AD2B-2097C612F288\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.64\",\"matchCriteriaId\":\"1344C924-0296-4F49-BF9F-113BB643CDD5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97740F5D-063E-424F-A0FE-09EBE1100975\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.64\",\"matchCriteriaId\":\"9B9DB22D-0775-48CE-A97D-BA3B5873C9F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C6DFDB6-1D7A-459A-8D30-FD4900ED718B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.44\",\"matchCriteriaId\":\"F747A14B-5331-428E-8B53-724090554E07\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305E295C-9C73-4798-A0BE-7973E1EE5EAB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.72\",\"matchCriteriaId\":\"3A9F4EEE-E2D2-42B2-BC5C-844055677C1C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44336289-F9DA-4779-8C1A-0221E29E2E2F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.1.66\",\"matchCriteriaId\":\"5B717BA8-81B7-470C-BF20-A4318D063D77\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"091CEDB5-0069-4253-86D8-B9FE17CB9F24\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.3.106\",\"matchCriteriaId\":\"04513F08-329D-446F-A356-29074C1C0BEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.90\",\"matchCriteriaId\":\"20A423A5-04E9-4323-9818-6C9B78065103\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDAA5899-B73C-4690-853E-B5400F034BE1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.1.66\",\"matchCriteriaId\":\"101031E9-479E-4F86-B83A-19376F8C8A45\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7EF872D-2537-4FEB-8799-499FC9D44339\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.82\",\"matchCriteriaId\":\"93EF1D39-E084-40E9-86CF-C590763841A0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7038703C-C79D-4DD4-8B16-E1A5FC6694C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.72\",\"matchCriteriaId\":\"7932C371-669C-43C0-94A4-17BD4BDE8C74\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.3.106\",\"matchCriteriaId\":\"34D7AF28-F117-4E31-AED8-A3179B1BE182\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06B5A85C-3588-4263-B9AD-4E56D3F6CB16\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.90\",\"matchCriteriaId\":\"850D0AE9-A57C-47D3-9D44-7EE24E6F594D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC5488D9-651C-4BAB-A141-06B816690D42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.1.66\",\"matchCriteriaId\":\"65F881E3-22B3-40D9-A896-51B13FD09EAA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D6A70D-66AF-4064-9F1B-4358D4B1F016\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.82\",\"matchCriteriaId\":\"ED73C5EC-C8D3-4206-BCAA-0901F786DD98\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B624B4D3-BCF4-4F95-B401-A88BEC3145A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.2.72\",\"matchCriteriaId\":\"E3DD37BF-8664-412F-9A71-58880AF20242\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C430976E-24C0-4EA7-BF54-F9C188AB9C01\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.3.106\",\"matchCriteriaId\":\"C0318AD0-52A7-490F-94C1-D07C97370D2C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F\"}]}]}],\"references\":[{\"url\":\"https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://kb.netgear.com/000064122/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2020-0257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.