CVE-2020-35807 : Vulnerability Insights and Analysis
Learn about CVE-2020-35807 affecting certain NETGEAR devices with stored XSS. Find impacted systems, CVSS score, and mitigation steps in this article.
Certain NETGEAR devices are affected by stored XSS vulnerability.
Understanding CVE-2020-35807
What is CVE-2020-35807?
Certain NETGEAR devices are impacted by stored XSS, affecting various models before specific firmware versions.
The Impact of CVE-2020-35807
The vulnerability has a CVSS base score of 6 (Medium severity) with high confidentiality and integrity impacts.
Technical Details of CVE-2020-35807
Vulnerability Description
Stored XSS vulnerability affecting NETGEAR devices before specific firmware versions.
Affected Systems and Versions
- D7800 before 1.0.1.56
- R7800 before 1.0.2.68
- RAX120 before 1.0.0.78
- RBK22, RBR20, RBS20 before 2.3.5.26
- RBK40, RBR40, RBS40 before 2.3.5.30
- RBK50, RBR50, RBS50 before 2.3.5.30
- WN3000RPv2 before 1.0.0.78
Exploitation Mechanism
- Attack Complexity: Low
- Attack Vector: Local
- Privileges Required: High
- User Interaction: None
Mitigation and Prevention
Immediate Steps to Take
- Update affected devices to the latest firmware versions.
- Regularly monitor for security advisories from NETGEAR.
Long-Term Security Practices
- Implement network segmentation to limit the impact of potential attacks.
- Educate users on safe browsing practices and avoiding suspicious links.
Patching and Updates
Regularly check for firmware updates and apply them promptly to mitigate the vulnerability.