Stored XSS Vulnerability in NETGEAR R7000 Devices
CVE-2021-45663
6.1MEDIUM
Summary
The NETGEAR R7000 devices prior to version 1.0.11.126 are susceptible to stored cross-site scripting (XSS) vulnerabilities, allowing attackers to inject malicious scripts. This can result in unauthorized information disclosure or user session hijacking, impacting the integrity of user data and the security of the network.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved