First published: Sun Dec 26 2021(Updated: )
Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear R7000 Firmware | <1.0.11.110 | |
NETGEAR R7000 | ||
Netgear R7900 Firmware | <1.0.4.30 | |
Netgear R7900 | ||
Netgear R8000 Firmware | <1.0.4.62 | |
NETGEAR R8000 | ||
Netgear Rax200 Firmware | <1.0.3.106 | |
NETGEAR RAX200 | ||
Netgear R7000p Firmware | <1.3.3.140 | |
Netgear R7000P | ||
Netgear Rax80 Firmware | <1.0.3.106 | |
Netgear Rax80 | ||
Netgear R6900p Firmware | <1.3.3.140 | |
Netgear R6900P | ||
Netgear Rax75 Firmware | <1.0.3.106 | |
Netgear Rax75 | ||
All of | ||
Netgear R7000 Firmware | <1.0.11.110 | |
NETGEAR R7000 | ||
All of | ||
Netgear R7900 Firmware | <1.0.4.30 | |
Netgear R7900 | ||
All of | ||
Netgear R8000 Firmware | <1.0.4.62 | |
NETGEAR R8000 | ||
All of | ||
Netgear Rax200 Firmware | <1.0.3.106 | |
NETGEAR RAX200 | ||
All of | ||
Netgear R7000p Firmware | <1.3.3.140 | |
Netgear R7000P | ||
All of | ||
Netgear Rax80 Firmware | <1.0.3.106 | |
Netgear Rax80 | ||
All of | ||
Netgear R6900p Firmware | <1.3.3.140 | |
Netgear R6900P | ||
All of | ||
Netgear Rax75 Firmware | <1.0.3.106 | |
Netgear Rax75 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-45673 is medium with a CVSS score of 5.4.
NETGEAR devices R7000, R7900, R8000, RAX200, R7000P, RAX80, R6900P, and RAX75 are affected by CVE-2021-45673.
CVE-2021-45673 allows for stored cross-site scripting (XSS) attacks on the affected NETGEAR devices.
Upgrade to the respective firmware versions: R7000 1.0.11.110, R7900 1.0.4.30, R8000 1.0.4.62, RAX200 1.0.3.106, R7000P 1.3.3.140, RAX80 1.0.3.106, R6900P 1.3.3.140, or RAX75 1.0.3.106.
You can find more information about CVE-2021-45673 in the NETGEAR Security Advisory PSV-2020-0003.