What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2020-35806.

Which NETGEAR devices are affected by this vulnerability?

This vulnerability affects certain NETGEAR devices including D7800, R7500v2, R7800, RAX120, RBK22, RBR20, RBS20, RBK40, RBR40, RBS40, RBK50, RBR50, RBS50, and WN3000rpv2.

What is the severity of CVE-2020-35806?

CVE-2020-35806 has a severity score of 4.8, which is considered medium.

How can I fix the vulnerability in my NETGEAR device?

To fix the vulnerability, you should update your NETGEAR device firmware to the latest version provided by NETGEAR.

Where can I find more information about CVE-2020-35806?

You can find more information about CVE-2020-35806 in the NETGEAR security advisory at the following link: [NETGEAR Security Advisory](https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539).

Vulnerability/
CVE-2020-35806

medium

CWE

29/12/2020

4/8/2024

CVE-2020-35806: XSS

First published: Tue Dec 29 2020(Updated: )

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Netgear D7800 Firmware	<1.0.1.56
Netgear D7800
Netgear R7500v2 Firmware	<1.0.3.46
Netgear R7500v2
NETGEAR R7800 firmware	<1.0.2.68
NETGEAR R7800
Netgear Rax120 Firmware	<1.0.0.78
Netgear Rax120
Netgear Rbk22 Firmware	<2.3.5.26
Netgear Rbk22
Netgear Rbr20 Firmware	<2.3.5.26
Netgear Rbr20
Netgear Rbs20 Firmware	<2.3.5.26
Netgear Rbs20
Netgear Rbk40 Firmware	<2.3.5.30
Netgear Rbk40
Netgear Rbr40 Firmware	<2.3.5.30
Netgear Rbr40
Netgear Rbs40 Firmware	<2.3.5.30
Netgear Rbs40
Netgear Rbk50 Firmware	<2.3.5.30
Netgear Rbk50
Netgear Rbr50 Firmware	<2.3.5.30
Netgear Rbr50
Netgear Rbs50 Firmware	<2.3.5.30
Netgear Rbs50
Netgear Wn3000rpv2 Firmware	<1.0.0.78
Netgear Wn3000rpv2

Never miss a vulnerability like this again

Reference Links

https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-35806.
Which NETGEAR devices are affected by this vulnerability?
This vulnerability affects certain NETGEAR devices including D7800, R7500v2, R7800, RAX120, RBK22, RBR20, RBS20, RBK40, RBR40, RBS40, RBK50, RBR50, RBS50, and WN3000rpv2.
What is the severity of CVE-2020-35806?
CVE-2020-35806 has a severity score of 4.8, which is considered medium.
How can I fix the vulnerability in my NETGEAR device?
To fix the vulnerability, you should update your NETGEAR device firmware to the latest version provided by NETGEAR.
Where can I find more information about CVE-2020-35806?
You can find more information about CVE-2020-35806 in the NETGEAR security advisory at the following link: [NETGEAR Security Advisory](https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539).