ID
VAR-202004-1669
CVE
CVE-2018-21167
TITLE
plural NETGEAR Cross-site scripting vulnerabilities in devices
Trust: 0.8
DESCRIPTION
Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64
Trust: 1.71
AFFECTED PRODUCTS
| vendor: | netgear | model: | wndr3700 | scope: | lt | version: | 1.0.2.96 | Trust: 1.0 |
| vendor: | netgear | model: | r9000 | scope: | lt | version: | 1.0.3.10 | Trust: 1.0 |
| vendor: | netgear | model: | ex8000 | scope: | lt | version: | 1.0.0.114 | Trust: 1.0 |
| vendor: | netgear | model: | wn3100rp | scope: | lt | version: | 1.0.0.42 | Trust: 1.0 |
| vendor: | netgear | model: | ex6200 | scope: | lt | version: | 1.0.1.62 | Trust: 1.0 |
| vendor: | netgear | model: | ex6400 | scope: | lt | version: | 1.0.1.78 | Trust: 1.0 |
| vendor: | netgear | model: | wndr4300 | scope: | lt | version: | 1.0.0.54 | Trust: 1.0 |
| vendor: | netgear | model: | ex6100 | scope: | lt | version: | 1.0.1.70 | Trust: 1.0 |
| vendor: | netgear | model: | r7500 | scope: | lt | version: | 1.0.0.122 | Trust: 1.0 |
| vendor: | netgear | model: | d6100 | scope: | lt | version: | 1.0.0.57 | Trust: 1.0 |
| vendor: | netgear | model: | ex7300 | scope: | lt | version: | 1.0.1.78 | Trust: 1.0 |
| vendor: | netgear | model: | wn2000rpt | scope: | lt | version: | 1.0.1.26 | Trust: 1.0 |
| vendor: | netgear | model: | wn3000rp | scope: | lt | version: | 1.0.2.66 | Trust: 1.0 |
| vendor: | netgear | model: | r8900 | scope: | lt | version: | 1.0.3.10 | Trust: 1.0 |
| vendor: | netgear | model: | ex6150 | scope: | lt | version: | 1.0.1.70 | Trust: 1.0 |
| vendor: | netgear | model: | wnr2000 | scope: | lt | version: | 1.0.0.64 | Trust: 1.0 |
| vendor: | netgear | model: | wndr4500 | scope: | lt | version: | 1.0.0.54 | Trust: 1.0 |
| vendor: | netgear | model: | dm200 | scope: | lt | version: | 1.0.0.50 | Trust: 1.0 |
| vendor: | netgear | model: | r6100 | scope: | lt | version: | 1.0.1.22 | Trust: 1.0 |
| vendor: | netgear | model: | wndr4300 | scope: | lt | version: | 1.0.2.98 | Trust: 1.0 |
| vendor: | netgear | model: | r7800 | scope: | lt | version: | 1.0.2.42 | Trust: 1.0 |
| vendor: | netgear | model: | ex2700 | scope: | lt | version: | 1.0.1.32 | Trust: 1.0 |
| vendor: | netgear | model: | d6100 | scope: | eq | version: | 1.0.0.57 | Trust: 0.8 |
| vendor: | netgear | model: | dm200 | scope: | eq | version: | 1.0.0.50 | Trust: 0.8 |
| vendor: | netgear | model: | ex2700 | scope: | eq | version: | 1.0.1.32 | Trust: 0.8 |
| vendor: | netgear | model: | ex6100 | scope: | eq | version: | 1.0.1.70 | Trust: 0.8 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.1.70 | Trust: 0.8 |
| vendor: | netgear | model: | ex6200 | scope: | eq | version: | 1.0.1.62 | Trust: 0.8 |
| vendor: | netgear | model: | ex6400 | scope: | eq | version: | 1.0.1.78 | Trust: 0.8 |
| vendor: | netgear | model: | ex7300 | scope: | eq | version: | 1.0.1.78 | Trust: 0.8 |
| vendor: | netgear | model: | ex8000 | scope: | eq | version: | 1.0.0.114 | Trust: 0.8 |
| vendor: | netgear | model: | r6100 | scope: | eq | version: | 1.0.1.22 | Trust: 0.8 |
| vendor: | netgear | model: | d6100 | scope: | eq | version: | 1.0.0.50 0.0.50 | Trust: 0.1 |
| vendor: | netgear | model: | d6100 | scope: | eq | version: | 1.0.0.55 | Trust: 0.1 |
| vendor: | netgear | model: | d6100 | scope: | eq | version: | 1.0.0.56 | Trust: 0.1 |
| vendor: | netgear | model: | ex2700 | scope: | eq | version: | 1.0.1.28 | Trust: 0.1 |
| vendor: | netgear | model: | ex6100 | scope: | eq | version: | 1.0.1.50 | Trust: 0.1 |
| vendor: | netgear | model: | ex6100 | scope: | eq | version: | 1.0.1.54 | Trust: 0.1 |
| vendor: | netgear | model: | ex6100 | scope: | eq | version: | 1.0.1.60 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | - | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.0.34 1.0.70 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.0.36 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.0.38 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.0.42 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.0.48 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.1.50 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.1.54 | Trust: 0.1 |
| vendor: | netgear | model: | ex6150 | scope: | eq | version: | 1.0.1.60 | Trust: 0.1 |
| vendor: | netgear | model: | ex6200 | scope: | eq | version: | 1.0.1.44 | Trust: 0.1 |
| vendor: | netgear | model: | ex6200 | scope: | eq | version: | 1.0.1.50 | Trust: 0.1 |
| vendor: | netgear | model: | ex6200 | scope: | eq | version: | 1.0.1.52 | Trust: 0.1 |
| vendor: | netgear | model: | ex6200 | scope: | eq | version: | 1.0.1.56 | Trust: 0.1 |
| vendor: | netgear | model: | ex6400 | scope: | eq | version: | 1.0.1.60 | Trust: 0.1 |
| vendor: | netgear | model: | ex6400 | scope: | eq | version: | 1.0.1.72 | Trust: 0.1 |
| vendor: | netgear | model: | ex7300 | scope: | eq | version: | - | Trust: 0.1 |
| vendor: | netgear | model: | ex7300 | scope: | eq | version: | 1.0.1 | Trust: 0.1 |
| vendor: | netgear | model: | ex7300 | scope: | eq | version: | 1.0.1.60 | Trust: 0.1 |
| vendor: | netgear | model: | ex7300 | scope: | eq | version: | 1.0.1.62 | Trust: 0.1 |
| vendor: | netgear | model: | ex7300 | scope: | eq | version: | 1.0.1.72 | Trust: 0.1 |
| vendor: | netgear | model: | ex8000 | scope: | eq | version: | 1.0.0.102 | Trust: 0.1 |
| vendor: | netgear | model: | r6100 | scope: | eq | version: | 1.0.1.12 | Trust: 0.1 |
| vendor: | netgear | model: | r6100 | scope: | eq | version: | 1.0.1.14 | Trust: 0.1 |
| vendor: | netgear | model: | r6100 | scope: | eq | version: | 1.0.1.16 | Trust: 0.1 |
| vendor: | netgear | model: | r6100 | scope: | eq | version: | 1.0.1.20 | Trust: 0.1 |
| vendor: | netgear | model: | r7500 | scope: | eq | version: | 1.0.0.108 | Trust: 0.1 |
| vendor: | netgear | model: | r7500 | scope: | eq | version: | 1.0.0.110 | Trust: 0.1 |
| vendor: | netgear | model: | r7500 | scope: | eq | version: | 1.0.0.112 | Trust: 0.1 |
| vendor: | netgear | model: | r7500 | scope: | eq | version: | 1.0.0.116 | Trust: 0.1 |
| vendor: | netgear | model: | r7500 | scope: | eq | version: | 1.0.0.118 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.16 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.28 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.30 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.32 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.36 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.38 | Trust: 0.1 |
| vendor: | netgear | model: | r7800 | scope: | eq | version: | 1.0.2.40 | Trust: 0.1 |
| vendor: | netgear | model: | r8900 | scope: | eq | version: | - | Trust: 0.1 |
| vendor: | netgear | model: | r8900 | scope: | eq | version: | 1.0.3.6 | Trust: 0.1 |
| vendor: | netgear | model: | r9000 | scope: | eq | version: | - | Trust: 0.1 |
| vendor: | netgear | model: | r9000 | scope: | eq | version: | 1.0.2.4 | Trust: 0.1 |
| vendor: | netgear | model: | r9000 | scope: | eq | version: | 1.0.2.30 | Trust: 0.1 |
| vendor: | netgear | model: | r9000 | scope: | eq | version: | 1.0.2.40 | Trust: 0.1 |
| vendor: | netgear | model: | r9000 | scope: | eq | version: | 1.0.2.52 | Trust: 0.1 |
| vendor: | netgear | model: | r9000 | scope: | eq | version: | 1.0.3.6 | Trust: 0.1 |
| vendor: | netgear | model: | wn2000rpt | scope: | eq | version: | 1.0.1.8 | Trust: 0.1 |
| vendor: | netgear | model: | wn2000rpt | scope: | eq | version: | 1.0.1.14 | Trust: 0.1 |
| vendor: | netgear | model: | wn2000rpt | scope: | eq | version: | 1.0.1.20 | Trust: 0.1 |
| vendor: | netgear | model: | wn3000rp | scope: | eq | version: | 1.0.0.52 | Trust: 0.1 |
| vendor: | netgear | model: | wn3000rp | scope: | eq | version: | 1.0.0.56 | Trust: 0.1 |
| vendor: | netgear | model: | wn3000rp | scope: | eq | version: | 1.0.0.68 | Trust: 0.1 |
| vendor: | netgear | model: | wn3000rp | scope: | eq | version: | 1.0.2.44 | Trust: 0.1 |
| vendor: | netgear | model: | wn3000rp | scope: | eq | version: | 1.0.2.50 | Trust: 0.1 |
| vendor: | netgear | model: | wn3000rp | scope: | eq | version: | 1.0.2.52 | Trust: 0.1 |
| vendor: | netgear | model: | wn3100rp | scope: | eq | version: | 1.0.0.20 | Trust: 0.1 |
| vendor: | netgear | model: | wn3100rp | scope: | eq | version: | 1.0.0.40 | Trust: 0.1 |
| vendor: | netgear | model: | wndr3700 | scope: | eq | version: | - | Trust: 0.1 |
| vendor: | netgear | model: | wndr3700 | scope: | eq | version: | 1.0.2.86 | Trust: 0.1 |
| vendor: | netgear | model: | wndr3700 | scope: | eq | version: | 1.0.2.88 | Trust: 0.1 |
| vendor: | netgear | model: | wndr3700 | scope: | eq | version: | 1.0.2.92 | Trust: 0.1 |
| vendor: | netgear | model: | wndr3700 | scope: | eq | version: | 1.0.2.94 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.0.48 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.0.50 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.0.52 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.0.54 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.0.56 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.2.88 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.2.90 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.2.92 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.2.94 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4300 | scope: | eq | version: | 1.0.2.96 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4500 | scope: | eq | version: | - | Trust: 0.1 |
| vendor: | netgear | model: | wndr4500 | scope: | eq | version: | 1.0.0.48 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4500 | scope: | eq | version: | 1.0.0.50 | Trust: 0.1 |
| vendor: | netgear | model: | wndr4500 | scope: | eq | version: | 1.0.0.52 | Trust: 0.1 |
| vendor: | netgear | model: | wnr2000 | scope: | eq | version: | 1.0.0.42 | Trust: 0.1 |
| vendor: | netgear | model: | wnr2000 | scope: | eq | version: | 1.0.0.48 | Trust: 0.1 |
| vendor: | netgear | model: | wnr2000 | scope: | eq | version: | 1.0.0.58 | Trust: 0.1 |
| vendor: | netgear | model: | wnr2000 | scope: | eq | version: | 1.0.0.62 | Trust: 0.1 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-79 | Trust: 1.8 |
THREAT TYPE
remote
Trust: 0.6
TYPE
XSS
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Security Advisory for Stored Cross-Site Scripting on Routers, Gateways, Extenders, and DSL Modems, PSV-2017-3093 | url: | https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093 | Trust: 0.8 |
| title: | Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117304 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-21167 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2018-016392 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202004-2209 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2018-21167 | Trust: 0.1 |
REFERENCES
| url: | https://kb.netgear.com/000055191/security-advisory-for-stored-cross-site-scripting-on-routers-gateways-extenders-and-dsl-modems-psv-2017-3093 | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2018-21167 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21167 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/79.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
SOURCES
| db: | VULMON | id: | CVE-2018-21167 |
| db: | JVNDB | id: | JVNDB-2018-016392 |
| db: | CNNVD | id: | CNNVD-202004-2209 |
| db: | NVD | id: | CVE-2018-21167 |
LAST UPDATE DATE
2024-11-23T22:41:06.396000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2018-21167 | date: | 2020-05-05T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-016392 | date: | 2020-06-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-202004-2209 | date: | 2020-05-06T00:00:00 |
| db: | NVD | id: | CVE-2018-21167 | date: | 2024-11-21T04:03:04.040 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2018-21167 | date: | 2020-04-27T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-016392 | date: | 2020-06-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-202004-2209 | date: | 2020-04-27T00:00:00 |
| db: | NVD | id: | CVE-2018-21167 | date: | 2020-04-27T18:15:12.670 |