CVE-2020-11779
Description
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple NETGEAR routers and gateways are vulnerable to stored XSS via a crafted administration interface input, allowing arbitrary script execution in an admin's browser session.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in the web-based administration interface of several NETGEAR router and gateway models. The flaw specifically affects the following models and firmware versions: D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10. An attacker with access to a configuration input field can inject malicious script code that is stored on the device and later executed when an administrator views the affected page [1].
Exploitation
To exploit this vulnerability, an attacker must have authenticated access to the device's web-based administration interface and the ability to modify a vulnerable configuration parameter. The attacker crafts a payload containing JavaScript code and enters it into a field that lacks proper output encoding. When the administrator subsequently visits the page displaying the stored input, the injected script executes in the context of the admin's browser session. No additional user interaction beyond the administrator's normal page view is required [1].
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript code in the context of the authenticated administrator's browser session. This can lead to session hijacking, unauthorized configuration changes, credential theft, or further compromise of the device and connected network resources. The impact is contained to the browser session of the administrative user [1].
Mitigation
NETGEAR has released fixed firmware versions for all affected models. Users should immediately update each device to the latest firmware as listed: D7800 to 1.0.1.56, R7500v2 to 1.0.3.46, R7800 to 1.0.2.68, R8900 to 1.0.4.28, R9000 to 1.0.4.28, RAX120 to 1.0.0.78, XR500 to 2.3.2.56, and XR700 to 1.0.1.10. The fixed versions were made available on or before the advisory publication date (April 15, 2020). No workarounds are documented; patching is the only recommended remediation [1].
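The following inventory check is an added example, not part of the advisory or any NETGEAR tooling. It compares reported firmware against the fixed versions listed above; the host names, the sample inventory and the accepted version string shapes (a leading `V`, a trailing `_suffix`) are assumptions.

```python
import re

# Fixed firmware versions, taken from the advisory text above.
FIXED = {
    "D7800": "1.0.1.56", "R7500v2": "1.0.3.46", "R7800": "1.0.2.68",
    "R8900": "1.0.4.28", "R9000": "1.0.4.28", "RAX120": "1.0.0.78",
    "XR500": "2.3.2.56", "XR700": "1.0.1.10",
}

def parse_version(text):
    """Return the leading dotted-numeric version as a tuple of ints.

    Assumption: a device may report "V1.0.2.68" or "1.0.2.68_1.0.55";
    only the first dotted group is compared.
    """
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def status(model, firmware):
    """Classify a device: 'vulnerable', 'fixed', 'not-listed' or 'unparsed'."""
    key = {k.lower(): k for k in FIXED}.get(model.strip().lower())
    if key is None:
        return "not-listed"          # model is not named in this CVE
    try:
        have, need = parse_version(firmware), parse_version(FIXED[key])
    except ValueError:
        return "unparsed"            # flag for manual review, never assume fixed
    # Pad to equal length so "1.0.4" compares as 1.0.4.0.
    width = max(len(have), len(need))
    have += (0,) * (width - len(have))
    need += (0,) * (width - len(need))
    return "vulnerable" if have < need else "fixed"

def audit(inventory):
    return [(host, model, fw, status(model, fw)) for host, model, fw in inventory]

# Constructed sample inventory (hypothetical hosts and readings).
INVENTORY = [
    ("gw-lab-1", "R7800", "V1.0.2.62"),
    ("gw-lab-2", "R7800", "1.0.2.100"),  # numeric compare: 100 > 68
    ("gw-lab-3", "xr500", "V2.3.2.56"),
    ("gw-lab-4", "R7000", "1.0.9.88"),   # model outside this advisory
    ("gw-lab-5", "RAX120", "unknown"),
]

if __name__ == "__main__":
    for row in audit(INVENTORY):
        print("%-9s %-7s %-10s %s" % row)
```

Versions are compared component by component as integers, because a plain string comparison would rank 1.0.2.100 below 1.0.2.68 and misreport a patched device as vulnerable.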
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (9)
- NETGEAR/D7800 (description)
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.