CVE-2019-20759 — Cross-site Scripting in Netgear R9000 Firmware

Severity

5.2MEDIUMNVD

EPSS

0.2%

top 60.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedApr 16

Latest updateMay 24

Description

NETGEAR R9000 devices before 1.0.4.26 are affected by stored XSS.

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.1 | Impact: 2.7

GHSA

GHSA-w79x-7x76-qxrp: NETGEAR R9000 devices before 1↗2022-05-24

▶

CVEList

CVE-2019-20759: NETGEAR R9000 devices before 1↗2020-04-16

▶