CVE-2020-11773 : Security Advisory and Response
Learn about CVE-2020-11773 affecting NETGEAR devices like D7800, R7500v2, R7800, R8900, R9000, RAX120, XR500, and XR700. Discover the impact, affected versions, and mitigation steps.
Certain NETGEAR devices are affected by stored XSS vulnerability.
Understanding CVE-2020-11773
What is CVE-2020-11773?
Certain NETGEAR devices, including D7800, R7500v2, R7800, R8900, R9000, RAX120, XR500, and XR700, are vulnerable to stored XSS.
The Impact of CVE-2020-11773
The vulnerability has a CVSS base score of 6 (Medium severity) with high confidentiality and integrity impact.
Technical Details of CVE-2020-11773
Vulnerability Description
Stored XSS vulnerability affecting specific NETGEAR devices.
Affected Systems and Versions
- D7800 before 1.0.1.56
- R7500v2 before 1.0.3.46
- R7800 before 1.0.2.68
- R8900 before 1.0.4.28
- R9000 before 1.0.4.28
- RAX120 before 1.0.0.78
- XR500 before 2.3.2.56
- XR700 before 1.0.1.10
Exploitation Mechanism
- Attack Complexity: Low
- Attack Vector: Local
- Privileges Required: High
- User Interaction: None
Mitigation and Prevention
Immediate Steps to Take
- Update affected devices to the latest firmware versions.
- Monitor for any unusual activities on the network.
Long-Term Security Practices
- Regularly update firmware and security patches.
- Implement network segmentation to limit the impact of potential attacks.
Patching and Updates
Regularly check for firmware updates and security advisories from NETGEAR.