CVE-2021-45664 — Cross-site Scripting in Netgear R7000 Firmware

Severity

4.8MEDIUMNVD

CNA5.6

EPSS

0.3%

top 44.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedDec 26

Latest updateDec 27

Description

NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

GHSA

GHSA-ghwq-75x7-4r28: NETGEAR R7000 devices before 1↗2021-12-27

▶

CVEList

CVE-2021-45664: NETGEAR R7000 devices before 1↗2021-12-26

▶