CVE-2017-18715
MEDIUMNETGEAR EX3700/EX3800/EX6100/EX6120/EX6150/EX6200/EX7000 Firmware - Reflected Cross-Site Scripting
Title source: llmDescription
Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 before 1.0.0.66, EX6100 before 1.0.2.20, EX6120 before 1.0.0.34, EX6150 before 1.0.0.36, EX6200 before 1.0.3.84, and EX7000 before 1.0.0.60.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kb.netgear.com/000053133/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Extenders-PSV-2016-0075
Scores
CVSS v3
6.1
EPSS
0.0042
EPSS Percentile
62.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (7)
netgear/ex3700_firmware
< 1.0.0.66
netgear/ex3800_firmware
< 1.0.0.66
netgear/ex6100_firmware
< 1.0.2.20
netgear/ex6120_firmware
< 1.0.0.34
netgear/ex6150_firmware
< 1.0.0.36
netgear/ex6200_firmware
< 1.0.3.84
netgear/ex7000_firmware
< 1.0.0.60
Published
Apr 24, 2020
Tracked Since
Feb 18, 2026