Share:

CVE-2020-26917

Moderate 4.8

Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.

Published October 9, 2020.

Affected software

Netgear R8300 Firmware

Netgear R6400 Firmware

Netgear Ex7000 Firmware

Netgear R8500 Firmware

Netgear R6250 Firmware

Netgear R6400v2 Firmware

Netgear R7300dst Firmware

Netgear R7100lg Firmware

Netgear R7900 Firmware

Get alerts for Netgear R8300 Firmware

Reference links

https://kb.netgear.com/000062336/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extender-and-Routers-PSV-2018-0242