CVE-2021-45668

Published Dec 26, 2021
Last updated 3 years ago
CVSS medium 4.8
Overview

Description: Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 4.8
Impact score: 2.7
Exploitability score: 1.7
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42805332-33C3-49EB-9A55-952FA3E76A0B",
            "versionEndExcluding": "1.0.0.48"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A9D3B54B-33C0-4E50-AD2B-2097C612F288"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1344C924-0296-4F49-BF9F-113BB643CDD5",
            "versionEndExcluding": "1.0.1.64"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "97740F5D-063E-424F-A0FE-09EBE1100975"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8",
            "versionEndExcluding": "1.0.0.64"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F747A14B-5331-428E-8B53-724090554E07",
            "versionEndExcluding": "1.0.0.44"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C",
            "versionEndExcluding": "1.0.0.72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44336289-F9DA-4779-8C1A-0221E29E2E2F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B717BA8-81B7-470C-BF20-A4318D063D77",
            "versionEndExcluding": "1.4.1.66"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04513F08-329D-446F-A356-29074C1C0BEA",
            "versionEndExcluding": "1.0.3.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20A423A5-04E9-4323-9818-6C9B78065103",
            "versionEndExcluding": "1.0.0.90"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "101031E9-479E-4F86-B83A-19376F8C8A45",
            "versionEndExcluding": "1.4.1.66"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93EF1D39-E084-40E9-86CF-C590763841A0",
            "versionEndExcluding": "1.0.2.82"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7932C371-669C-43C0-94A4-17BD4BDE8C74",
            "versionEndExcluding": "1.0.2.72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34D7AF28-F117-4E31-AED8-A3179B1BE182",
            "versionEndExcluding": "1.0.3.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "850D0AE9-A57C-47D3-9D44-7EE24E6F594D",
            "versionEndExcluding": "1.0.0.90"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65F881E3-22B3-40D9-A896-51B13FD09EAA",
            "versionEndExcluding": "1.4.1.66"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED73C5EC-C8D3-4206-BCAA-0901F786DD98",
            "versionEndExcluding": "1.0.2.82"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3DD37BF-8664-412F-9A71-58880AF20242",
            "versionEndIncluding": "1.0.2.72"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0318AD0-52A7-490F-94C1-D07C97370D2C",
            "versionEndExcluding": "1.0.3.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
