2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2021-45665" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2021-12-26T01:15:20.780" ,
2024-11-23 15:12:23 +00:00
"lastModified" : "2024-11-21T06:32:49.553" ,
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4."
} ,
{
"lang" : "es" ,
"value" : "Determinados dispositivos NETGEAR est\u00e1n afectados por un ataque de tipo XSS almacenado. Esto afecta a EAX20 versiones anteriores a 1.0.0.36, EAX80 versiones anteriores a 1.0.1.62, EX3700 versiones anteriores a 1.0.0.90, EX3800 versiones anteriores a 1.0.0.90, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, RBW30 versiones anteriores a 2.6.1.4, RBW40V versiones anteriores a 2.6.1.4. 6.1.4, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6 y RBS40V versiones anteriores a 2.6.1.4"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2024-11-23 15:12:23 +00:00
"source" : "cve@mitre.org" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
2024-11-23 15:12:23 +00:00
"vectorString" : "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L" ,
"baseScore" : 6.5 ,
"baseSeverity" : "MEDIUM" ,
"attackVector" : "ADJACENT_NETWORK" ,
"attackComplexity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"privilegesRequired" : "HIGH" ,
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
2024-11-23 15:12:23 +00:00
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "LOW"
2023-04-24 12:24:31 +02:00
} ,
2024-11-23 15:12:23 +00:00
"exploitabilityScore" : 0.7 ,
"impactScore" : 5.3
2023-04-24 12:24:31 +02:00
} ,
{
2024-11-23 15:12:23 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
2024-11-23 15:12:23 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" ,
"baseScore" : 4.8 ,
"baseSeverity" : "MEDIUM" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
2023-04-24 12:24:31 +02:00
"privilegesRequired" : "HIGH" ,
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
2024-11-23 15:12:23 +00:00
"integrityImpact" : "LOW" ,
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
2024-11-23 15:12:23 +00:00
"exploitabilityScore" : 1.7 ,
"impactScore" : 2.7
2023-04-24 12:24:31 +02:00
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 3.5 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "SINGLE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "LOW" ,
"exploitabilityScore" : 6.8 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-79"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.36" ,
"matchCriteriaId" : "62EFA314-85C0-48CC-938E-E2BF42B16746"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A9D3B54B-33C0-4E50-AD2B-2097C612F288"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.62" ,
"matchCriteriaId" : "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "97740F5D-063E-424F-A0FE-09EBE1100975"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.90" ,
"matchCriteriaId" : "20A423A5-04E9-4323-9818-6C9B78065103"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CDAA5899-B73C-4690-853E-B5400F034BE1"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.90" ,
"matchCriteriaId" : "850D0AE9-A57C-47D3-9D44-7EE24E6F594D"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC5488D9-651C-4BAB-A141-06B816690D42"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.64" ,
"matchCriteriaId" : "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.44" ,
"matchCriteriaId" : "F747A14B-5331-428E-8B53-724090554E07"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.72" ,
"matchCriteriaId" : "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "44336289-F9DA-4779-8C1A-0221E29E2E2F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.6.1.4" ,
"matchCriteriaId" : "6F388398-842E-40B1-9ACC-2D9A15D2BF2A"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FEA73D22-970D-45F2-81F3-9576C04CCC94"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.2.16.6" ,
"matchCriteriaId" : "FDD03FFF-ECAF-4527-A195-559DF479A0F2"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A45832BD-114D-42F1-B9F1-7532496D30A6"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.2.16.6" ,
"matchCriteriaId" : "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C13F5C69-FA9B-472A-9036-0C2967BDCDE9"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.2.16.6" ,
"matchCriteriaId" : "2C144D71-6C10-44CD-BFF9-907A92F0432C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B529194C-C440-4BC3-850F-0613FC548F86"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.2.16.6" ,
"matchCriteriaId" : "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "14F257FE-31CE-4F74-829D-29407D74ADF7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.2.16.6" ,
"matchCriteriaId" : "FE13548D-0A26-45C1-8424-D4705EB105EA"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D92E4C8E-222A-476C-8273-F7171FC61F0B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.2.16.6" ,
"matchCriteriaId" : "041D94DE-78C9-475C-9FAE-0B081C69B55F"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "221CA950-E984-44CD-9E1B-3AADE3CEBE52"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "2.6.1.4" ,
"matchCriteriaId" : "E2240C06-A117-48E6-9576-C58F3314A160"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F0D05F28-47A2-46AE-992E-132B34F6194B"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
2024-11-23 15:12:23 +00:00
} ,
{
"url" : "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
