What is the vulnerability ID for this NETGEAR vulnerability?

The vulnerability ID is CVE-2020-35807.

What is the severity rating of this vulnerability?

The severity rating of CVE-2020-35807 is 4.8 (Medium).

What is the Common Weakness Enumeration (CWE) ID related to this vulnerability?

The CWE ID related to CVE-2020-35807 is CWE-79 (Improper Neutralization of Input During Web Page Generation).

How can I fix this vulnerability on my NETGEAR device?

To fix this vulnerability, you should update the firmware of your NETGEAR device to the recommended version mentioned in the security advisory provided by NETGEAR.

Vulnerability/
CVE-2020-35807

medium

CWE

30/12/2020

4/1/2021

CVE-2020-35807: XSS

Q: Which NETGEAR devices are affected by this vulnerability?

The following NETGEAR devices are affected: D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and Wn3000rpv2 before 1.0.0.78.

First published: Wed Dec 30 2020(Updated: )

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Netgear D7800 Firmware	<1.0.1.56
Netgear D7800
NETGEAR R7800 firmware	<1.0.2.68
NETGEAR R7800
Netgear Rax120 Firmware	<1.0.0.78
Netgear Rax120
Netgear Rbk22 Firmware	<2.3.5.26
Netgear Rbk22
Netgear Rbr20 Firmware	<2.3.5.26
Netgear Rbr20
Netgear Rbs20 Firmware	<2.3.5.26
Netgear Rbs20
Netgear Rbk40 Firmware	<2.3.5.30
Netgear Rbk40
Netgear Rbr40 Firmware	<2.3.5.30
Netgear Rbr40
Netgear Rbs40 Firmware	<2.3.5.30
Netgear Rbs40
Netgear Rbk50 Firmware	<2.3.5.30
Netgear Rbk50
Netgear Rbr50 Firmware	<2.3.5.30
Netgear Rbr50
Netgear Rbs50 Firmware	<2.3.5.30
Netgear Rbs50
Netgear Wn3000rpv2 Firmware	<1.0.0.78
Netgear Wn3000rpv2

Never miss a vulnerability like this again

Reference Links

https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557

Frequently Asked Questions

What is the vulnerability ID for this NETGEAR vulnerability?
The vulnerability ID is CVE-2020-35807.
Which NETGEAR devices are affected by this vulnerability?
The following NETGEAR devices are affected: D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and Wn3000rpv2 before 1.0.0.78.
What is the severity rating of this vulnerability?
The severity rating of CVE-2020-35807 is 4.8 (Medium).
What is the Common Weakness Enumeration (CWE) ID related to this vulnerability?
The CWE ID related to CVE-2020-35807 is CWE-79 (Improper Neutralization of Input During Web Page Generation).
How can I fix this vulnerability on my NETGEAR device?
To fix this vulnerability, you should update the firmware of your NETGEAR device to the recommended version mentioned in the security advisory provided by NETGEAR.

CVE-2020-35807: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this NETGEAR vulnerability?

Which NETGEAR devices are affected by this vulnerability?

What is the severity rating of this vulnerability?

What is the Common Weakness Enumeration (CWE) ID related to this vulnerability?

How can I fix this vulnerability on my NETGEAR device?

Company

Resources

Contact