Stored XSS Vulnerability in NETGEAR WNR1000V4 1.1.0.54 Web Management Console

Stored XSS Vulnerability in NETGEAR WNR1000V4 1.1.0.54 Web Management Console

CVE-2019-20486 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_index.htm) within the web management console are vulnerable to stored XSS, as demonstrated by the configuration of the UI language.

Learn more about our Web App Pen Testing.