Reflected XSS Vulnerability in Multiple NETGEAR Devices
CVE-2021-45639

5.2MEDIUM

Key Information:

Vendor: Netgear
Status: Cbr40 Firmware
Vendor: CVE Published:; 26 December 2021

What is CVE-2021-45639?

Multiple NETGEAR devices are susceptible to reflected XSS vulnerabilities. Attackers can exploit this flaw to execute malicious scripts in the context of a victim's web browser. This can lead to unauthorized access to sensitive user information or execution of harmful actions. It is recommended that users promptly update their devices to mitigate potential security risks. For detailed guidance, refer to the NETGEAR Security Advisory.

References

https://kb.netgear.com/000064460/Security-Advisory-for-Re...

x_refsource_MISC

CVSS V3.1

Score:

5.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2021
Vulnerability Reserved
Dec 25, 2021

Netgear

What is CVE-2021-45639?

References

CVSS V3.1

Timeline