CVE-2019-20715
Last modified
CVE-2019-20715 is a medium-severity vulnerability rated 4.8/10 on the CVSS scale. Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32.. EPSS estimates a 0.63% chance of exploitation in the next 30 days.
Description
Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32.
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netgear | D3600 Firmware | < 1.0.0.76 |
| Netgear | D6000 Firmware | < 1.0.0.76 |
| Netgear | D6100 Firmware | < 1.0.0.63 |
| Netgear | D7800 Firmware | < 1.0.1.47 |
| Netgear | Dm200 Firmware | < 1.0.0.61 |
| Netgear | R7500 Firmware | < 1.0.3.40 |
| Netgear | R7800 Firmware | < 1.0.2.60 |
| Netgear | Rbk50 Firmware | < 2.3.0.32 |
| Netgear | Rbr50 Firmware | < 2.3.0.32 |
| Netgear | Rbs50 Firmware | < 2.3.0.32 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-20715?
How severe is CVE-2019-20715?
How do I fix CVE-2019-20715?
Are you affected by CVE-2019-20715?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST