CVE-2020-11777
Description
Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stored XSS vulnerability in multiple NETGEAR routers allows attackers to inject malicious scripts via the web interface.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in the web-based management interface of multiple NETGEAR router and gateway models. The vulnerability affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10 [1]. The flaw allows an attacker to store arbitrary JavaScript or HTML in a field that is later rendered to an administrator or other user, leading to script execution in the context of the affected application.
Exploitation
An attacker must have network access to the device's web interface and the ability to submit input that is not properly sanitized. The attacker can craft a malicious payload and inject it into a vulnerable parameter (e.g., a configuration field). When an administrator or other user views the affected page, the stored script executes in their browser. The advisory does not specify exact preconditions: no authentication is required for the injection if the vulnerable endpoint is exposed, although stored XSS typically requires the attacker to have some level of access to submit data.
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's browser session. This can lead to session hijacking, defacement, redirection to malicious sites, or theft of sensitive information displayed on the interface. The impact is limited to the web application's domain and does not directly provide code execution on the device itself.
Mitigation
NETGEAR has released firmware updates to address this vulnerability. Users should update to the following fixed versions: D7800 firmware 1.0.1.56, R7500v2 firmware 1.0.3.46, R7800 firmware 1.0.2.68, R8900 firmware 1.0.4.28, R9000 firmware 1.0.4.28, RAX120 firmware 1.0.0.78, XR500 firmware 2.3.2.56, and XR700 firmware 1.0.1.10 [1]. No workarounds are provided; updating firmware is the recommended mitigation. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog as of the publication date.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
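The check below is an added example, not NETGEAR's or this site's code: it audits a device inventory against the fixed firmware versions listed under Mitigation, comparing versions numerically so that XR700 1.0.1.9 is not mistaken for newer than 1.0.1.10. The function names, the accepted "V" prefix and build suffix, and the sample inventory are assumptions made for illustration.

```python
import re

# Fixed firmware versions, copied from the advisory text above.
FIXED = {
    "D7800": "1.0.1.56", "R7500v2": "1.0.3.46", "R7800": "1.0.2.68",
    "R8900": "1.0.4.28", "R9000": "1.0.4.28", "RAX120": "1.0.0.78",
    "XR500": "2.3.2.56", "XR700": "1.0.1.10",
}
_FIXED_BY_KEY = {model.upper(): ver for model, ver in FIXED.items()}

def parse_version(text):
    """Return the leading four-part dotted version as a tuple of ints, or None.

    Accepts an optional 'V' prefix and ignores a trailing build suffix
    (assumed reporting formats, e.g. 'V1.0.2.62' or '1.0.2.62_1.0.49').
    """
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+){3})(?!\.?\d)", text or "")
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def assess(model, firmware):
    """Classify one device: 'vulnerable', 'fixed', 'not-listed' or 'unparsed'."""
    fixed = _FIXED_BY_KEY.get(model.strip().upper())
    if fixed is None:
        return "not-listed"   # model is not named in this CVE
    current = parse_version(firmware)
    if current is None:
        return "unparsed"     # review by hand rather than assume fixed
    # Tuple comparison is numeric per component, unlike string comparison.
    return "vulnerable" if current < parse_version(fixed) else "fixed"

def audit(inventory):
    """Map each (model, firmware) pair to (model, firmware, status)."""
    return [(model, fw, assess(model, fw)) for model, fw in inventory]

if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    sample = [("R7800", "V1.0.2.62"), ("XR700", "1.0.1.9"),
              ("xr500", "2.3.2.56"), ("R6400", "1.0.1.44"), ("R9000", "unknown")]
    for row in audit(sample):
        print("%-8s %-12s %s" % row)
```

Devices reported as "unparsed" should be checked manually, since an unreadable version string says nothing about whether the fix is installed.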
Affected products (9)
- NETGEAR/devices (description)
References (1)