CVE-2020-11773
Description
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stored XSS in several NETGEAR routers and gateways allows attackers to inject malicious scripts via device configuration pages.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in the web-based administration interface of multiple NETGEAR router and gateway models. The vulnerability stems from insufficient sanitization of user-supplied input on device configuration pages, allowing script content to be permanently stored and later executed in the context of an administrator's browser session. Affected firmware versions are: D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10 [1].
Exploitation
An attacker must first obtain administrative access to the device's web interface, or have the ability to deliver crafted input to a logged-in administrator (e.g., through a phishing link that triggers a configuration change request). Because the vulnerability is stored, the injected script remains on the device and executes each time the affected page is loaded by any authenticated administrator. No additional user interaction beyond the initial administrative action is required for the script to persist and later activate [1].
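The root cause described above (stored configuration values reflected into the admin UI without encoding) is illustrated below in a small, self-contained Python example. This is added illustration code, not NETGEAR firmware or any code from the cited advisory; the field names, the rendering functions, the SSID allow-list policy and the sample configuration value are all constructed for the example. It places the defect class beside the two standard defences: context-appropriate output encoding at render time and an allow-list check before a value is written to the config store.

```python
import html
import re

# Constructed sample: a stored configuration record as an admin UI might
# persist it. The SSID carries a harmless test marker, not a working payload.
STORED_CONFIG = {
    "ssid": "HomeNet<script>probe()</script>",
    "device_name": "Office Router",
}


def render_vulnerable(config):
    """Interpolates stored values straight into HTML (the defect class)."""
    return (
        "<h1>Wireless Settings</h1>"
        f"<p>SSID: {config['ssid']}</p>"
        f"<input name=\"device_name\" value=\"{config['device_name']}\">"
    )


def render_hardened(config):
    """Same page, with HTML encoding applied to every stored value.

    quote=True also encodes quotes, which matters for the attribute context
    of the <input value="..."> element.
    """
    ssid = html.escape(config["ssid"], quote=True)
    name = html.escape(config["device_name"], quote=True)
    return (
        "<h1>Wireless Settings</h1>"
        f"<p>SSID: {ssid}</p>"
        f"<input name=\"device_name\" value=\"{name}\">"
    )


# Assumed write-side policy for this example: an SSID is 1-32 characters drawn
# from a conservative allow-list. Rejecting at write time keeps markup out of
# the persistent store; encoding at render time protects any value already there.
SSID_RE = re.compile(r"^[A-Za-z0-9 _\-\.]{1,32}$")


def validate_ssid(value):
    """Returns True only if the candidate SSID matches the allow-list."""
    return SSID_RE.fullmatch(value) is not None


SCRIPT_TAG_RE = re.compile(r"<\s*script\b", re.IGNORECASE)


def contains_raw_script(markup):
    """Review helper: flags rendered output that still carries an unencoded script tag."""
    return SCRIPT_TAG_RE.search(markup) is not None


if __name__ == "__main__":
    print("vulnerable render flagged:", contains_raw_script(render_vulnerable(STORED_CONFIG)))
    print("hardened render flagged:  ", contains_raw_script(render_hardened(STORED_CONFIG)))
    print("sample SSID accepted:     ", validate_ssid(STORED_CONFIG["ssid"]))
```

Running the block shows the vulnerable renderer emitting the stored marker verbatim, the hardened renderer emitting it as inert text, and the allow-list rejecting the value before it could be stored at all. Both layers are needed: validation alone does not protect values that entered the store through another path (an older firmware, an import, a different form), and encoding alone still leaves markup sitting in the configuration where another consumer might render it unencoded.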
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript within the security context of the affected router’s web interface. This can lead to session hijacking, exfiltration of sensitive configuration data (e.g., Wi-Fi passwords, VPN credentials), submission of malicious requests on behalf of the administrator, and potential further compromise of network resources. The scope of impact is limited to actions the administrator can perform from the web UI [1].
Mitigation
NETGEAR has released fixed firmware versions for all affected models as of April 2020. Users should upgrade to the following firmware: D7800 1.0.1.56, R7500v2 1.0.3.46, R7800 1.0.2.68, R8900 1.0.4.28, R9000 1.0.4.28, RAX120 1.0.0.78, XR500 2.3.2.56, XR700 1.0.1.10, or later. No workarounds are mentioned in the advisory; installing the latest firmware from NETGEAR Support is the only recommended course of action [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
9 (NETGEAR devices; the affected models and firmware versions are listed in the description above)
Patches
0 (no patches discovered yet)
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1 (cited as [1] above)
News mentions
0 (no linked articles in our index yet)