Vulnerability Database

304,803

Total vulnerabilities in the database

CVE-2020-35808

Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66.

Published: Dec 30, 2020
Updated: Nov 16, 2025
CVE: CVE-2020-35808
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.8
AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
netgear / d6100_firmware	-	1.0.0.63
netgear / dm200_firmware	-	1.0.0.61
netgear / r7800_firmware	-	1.0.2.52
netgear / r8900_firmware	-	1.0.4.12
netgear / r9000_firmware	-	1.0.4.12
netgear / wn3000rpv2_firmware	-	1.0.0.68
netgear / wnr2000v5_firmware	-	1.0.0.66

https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo