Description Preview
Overview
This vulnerability (CVE-2020-11787) is a stored Cross-Site Scripting (XSS) issue affecting numerous NETGEAR networking devices. The vulnerability allows an attacker to inject and store malicious scripts on the affected device. When a user accesses the compromised page or interface, the malicious script executes within their browser in the context of their session. This can lead to various attacks including cookie theft, credential harvesting, session hijacking, and potentially gaining administrative access to the device. The vulnerability affects a wide range of NETGEAR products including routers, gateways, and mesh WiFi systems across their consumer and prosumer product lines.
Remediation
To address this vulnerability, users should update their NETGEAR device firmware to the following minimum versions or later:
- D7800: Update to version 1.0.1.56 or later
- R7500v2: Update to version 1.0.3.46 or later
- R7800: Update to version 1.0.2.68 or later
- R8900: Update to version 1.0.4.28 or later
- R9000: Update to version 1.0.4.28 or later
- RAX120: Update to version 1.0.0.78 or later
- RBR20/RBS20/RBK20: Update to version 2.3.5.26 or later
- RBR40/RBS40/RBK40: Update to version 2.3.5.30 or later
- RBR50/RBS50/RBK50: Update to version 2.3.5.30 or later
- XR500: Update to version 2.3.2.56 or later
- XR700: Update to version 1.0.1.10 or later
Firmware updates can be downloaded from the NETGEAR support website or through the device's administrative interface. Additionally, users should implement general security best practices such as changing default credentials, disabling remote management if not needed, and ensuring their network is properly secured.
References
- NETGEAR Security Advisory for Stored Cross-Site Scripting: https://kb.netgear.com/000061743/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0553
- MITRE CWE-79 (Cross-site Scripting): https://cwe.mitre.org/data/definitions/79.html
- CVE-2020-11787 Details: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11787
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- Accommodation & Food ServicesAccommodation & Food Services
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting
- Arts, Entertainment & RecreationArts, Entertainment & Recreation
- ConstructionConstruction
- Educational ServicesEducational Services
- Finance and InsuranceFinance and Insurance
- Health Care & Social AssistanceHealth Care & Social Assistance
- InformationInformation
- Management of Companies & EnterprisesManagement of Companies & Enterprises
- ManufacturingManufacturing
- MiningMining
- Other Services (except Public Administration)Other Services (except Public Administration)
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services
- Public AdministrationPublic Administration
- Real Estate Rental & LeasingReal Estate Rental & Leasing
- Retail TradeRetail Trade
- Transportation & WarehousingTransportation & Warehousing
- UtilitiesUtilities
- Wholesale TradeWholesale Trade
