2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2019-20750" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2020-04-16T21:15:13.003" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T04:39:15.850" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66."
} ,
{
"lang" : "es" ,
"value" : "Determinados dispositivos NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a D7800 versiones anteriores a 1.0.1.47, EX6150v2 versiones anteriores a 1.0.1.76, R7500v2 versiones anteriores a 1.0.3.38, R7800 versiones anteriores a 1.0.2.52, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12, WN2000RPTv3 versiones anteriores a 1.0.1.32, WN3000RPv3 versiones anteriores a 1.0.2.70, y WN3100RPv2 versiones anteriores a 1.0.0.66."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.8 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "HIGH" ,
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "LOW" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.7 ,
"impactScore" : 2.7
}
] ,
"cvssMetricV30" : [
{
"source" : "cve@mitre.org" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.8 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "ADJACENT_NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "HIGH" ,
"userInteraction" : "NONE" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "LOW" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.7 ,
"impactScore" : 2.7
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 3.5 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "SINGLE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "LOW" ,
"exploitabilityScore" : 6.8 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-79"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.47" ,
"matchCriteriaId" : "BEF729AE-1D95-448C-80FA-8FAE723C1EC3"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DA2D4987-3726-4A72-8D32-592F59FAC46D"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.76" ,
"matchCriteriaId" : "CC89483B-6D99-4A1B-A513-B50EA44DA963"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "88DD070C-7CBD-48A5-8D77-7C3D1C502D65"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.76" ,
"matchCriteriaId" : "542F7529-27DB-41F1-A8E4-FA7A596E5DCC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49846803-C6FB-4DD3-ADA7-78B9923536F2"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.3.38" ,
"matchCriteriaId" : "536487B8-FF04-4526-BE91-44437256525C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.2.52" ,
"matchCriteriaId" : "2C2195F1-18F6-4397-9D28-7A92003B7A76"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "17CF7445-6950-45FE-9D1A-E23F63316329"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.4.12" ,
"matchCriteriaId" : "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F859165-8D89-4CDD-9D48-9C7923D2261F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.4.12" ,
"matchCriteriaId" : "F1F914AD-70DC-47F5-A2F7-672DBE89C62E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.32" ,
"matchCriteriaId" : "317AE6B1-BA33-49DF-A839-A49C5493996E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6FB1BE0D-E3CF-4C16-8C11-706B238E9934"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.2.70" ,
"matchCriteriaId" : "DB6FCA6E-55DB-4D65-BD80-BF186C2F04FB"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.66" ,
"matchCriteriaId" : "A480981E-57ED-47E3-B9AB-190E4783DC04"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D8680F5-0C06-4CFC-8BA0-CF85D0438419"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://kb.netgear.com/000060966/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-Gateways-and-Routers-PSV-2018-0173" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://kb.netgear.com/000060966/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-Gateways-and-Routers-PSV-2018-0173" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
