Stored XSS Vulnerability in NETGEAR WiFi Systems
CVE-2019-20678

6MEDIUM

Key Information:

Vendor
Netgear
Status
Rbr20 Firmware
Vendor
CVE Published:
15 April 2020

Summary

Certain NETGEAR WiFi systems are prone to a stored XSS vulnerability, allowing an attacker to inject malicious scripts into user interactions. This security flaw affects multiple models, including the RBR and RBK series, prior to their respective firmware updates. The affected devices could be exploited through stored user-generated data, potentially compromising the security of the network and its users. It is essential for users to upgrade to the specified firmware versions to mitigate the risks associated with this vulnerability.

References

https://kb.netgear.com/000061461/Security-Advisory-for-St...
x_refsource_CONFIRM

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.