Vulnerability Change Records for CVE-2019-20738

Change History

Initial Analysis 4/23/2020 3:37:20 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.58
     OR
          cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1.34
     OR
          cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0.50
     OR
          cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0.50
     OR
          cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.30
     OR
          cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.30
     OR
          cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1.16
     OR
          cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.40
     OR
          cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.0.14
     OR
          cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.0.14
     OR
          cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.2.0.14
     OR
          cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.3.26
     OR
          cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.2.46
     OR
          cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.4.2
     OR
          cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.5.30
     OR
          cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.5.30
     OR
          cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.5.30
     OR
          cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.52
     OR
          cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.2.78
     OR
          cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.2.102
     OR
          cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0.54
     OR
          cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.48
     OR
          cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.2.104
     OR
          cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.48
     OR
          cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0.50
     OR
          cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.64
     OR
          cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0.50
     OR
          cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.1.0.50
     OR
          cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:M/Au:S/C:N/I:P/A:N)
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Added CWE

								
							
							
						
NIST CWE-79
Changed Reference Type
https://kb.netgear.com/000061187/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2016-0100 No Types Assigned
https://kb.netgear.com/000061187/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2016-0100 Vendor Advisory