CVE-2020-35827 : Vulnerability Insights and Analysis
Learn about CVE-2020-35827, a stored XSS vulnerability affecting NETGEAR routers like D7800, RBK50, RBR50. Discover impact, affected systems, and mitigation steps.
Certain NETGEAR devices are affected by stored XSS vulnerability, impacting various models such as D7800, RBK50, RBR50, RBS50, R7800, R8900, R9000, XR500, XR700, and RAX120.
Understanding CVE-2020-35827
This CVE identifies a stored XSS vulnerability affecting specific NETGEAR devices.
What is CVE-2020-35827?
Stored XSS vulnerability impacting multiple NETGEAR router models.
The Impact of CVE-2020-35827
The vulnerability has a CVSS base score of 6.1 (Medium severity) with high confidentiality and integrity impact.
Technical Details of CVE-2020-35827
Stored XSS vulnerability details and affected systems.
Vulnerability Description
- Stored XSS vulnerability in certain NETGEAR devices
- Affected models include D7800, RBK50, RBR50, RBS50, R7800, R8900, R9000, XR500, XR700, and RAX120
Affected Systems and Versions
- D7800 before 1.0.1.56
- RBK50 before 2.3.5.30
- RBR50 before 2.3.5.30
- RBS50 before 2.3.5.30
- R7800 before 1.0.2.74
- R8900 before 1.0.4.28
- R9000 before 1.0.4.28
- XR500 before 2.3.2.56
- XR700 before 1.0.1.10
- RAX120 before 1.0.0.78
Exploitation Mechanism
- Attack Complexity: Low
- Attack Vector: Adjacent Network
- Privileges Required: High
- User Interaction: None
Mitigation and Prevention
Steps to mitigate and prevent the CVE-2020-35827 vulnerability.
Immediate Steps to Take
- Update affected devices to the latest firmware versions
- Monitor for any unusual activities on the network
- Implement strong password policies
Long-Term Security Practices
- Regularly update firmware and security patches
- Conduct security audits and assessments periodically
Patching and Updates
- Refer to the vendor's security advisory for patch availability and installation instructions