Reflected XSS Vulnerability in NETGEAR R6700v2 and R6800 Routers
CVE-2017-18800

6.1MEDIUM

Key Information:

Vendor: Netgear
Status: R6700 Firmware
Vendor: CVE Published:; 21 April 2020

Summary

Certain NETGEAR routers, specifically the R6700v2 and R6800, are susceptible to reflected cross-site scripting vulnerabilities. These vulnerabilities allow malicious actors to inject harmful scripts into the web pages viewed by users, potentially enabling unauthorized actions or data exposure. Users operating R6700v2 versions prior to 1.1.0.42 and R6800 versions prior to 1.1.0.42 should take immediate action to mitigate risks by updating their devices to the latest firmware. For further details, visit the Security Advisory.

References

https://kb.netgear.com/000049356/Security-Advisory-for-Re...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 21, 2020
Vulnerability Reserved
Apr 20, 2020