XSS Vulnerability in NETGEAR EX7000 Wi-Fi Range Extender
CVE-2016-10864

5.2MEDIUM

Key Information:

Vendor: Netgear
Status: Ex7000 Firmware
Vendor: CVE Published:; 8 August 2019

What is CVE-2016-10864?

The NETGEAR EX7000 Wi-Fi Range Extender is susceptible to a Cross-Site Scripting (XSS) vulnerability that allows an attacker to inject malicious scripts via the SSID field. This can potentially enable unauthorized access or manipulative actions in the context of the user's session, posing risks to the user's network integrity and data privacy.

References

https://www.pentestpartners.com/security-blog/netgear-ex7...

x_refsource_MISC

CVSS V3.1

Score:

5.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 8, 2019
Vulnerability Reserved
Aug 5, 2019

Netgear

What is CVE-2016-10864?

References

CVSS V3.1

Timeline