CVSS: 5.2EPSS: 0%CPEs: 20EXPL: 0CVE-2017-18839
https://notcve.org/view.php?id=CVE-2017-18839
Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a M4300-28G versiones anteriores a 12.0.2.15, M4300-52G versiones anteriores a 12.0.2.15, M4300-28G-POE+ versiones anteriores a 12.0.2.15, M4300-52G-POE+ versiones anteriores a 12.0.2.15, M4300-8X8F versiones anteriores a 12. 0.2.15, M4300-12X12F versiones anteriores a 12.0.2.15, M4300-24X24F versiones anteriores a 12.0.2.15, M4300-24X versiones anteriores a 12.0.2.15, M4300-48X versiones anteriores a 12.0.2.15, y M4200 versiones anteriores a 12.0.2.15. • https://kb.netgear.com/000049023/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Fully-Managed-Switches-PSV-2017-2004 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.2EPSS: 0%CPEs: 20EXPL: 0CVE-2017-18840
https://notcve.org/view.php?id=CVE-2017-18840
Certain NETGEAR devices are affected by denial of service. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15. Determinados dispositivos NETGEAR están afectados por una denegación de servicio. Esto afecta a M4300-28G versiones anteriores a 12.0.2.15, M4300-52G versiones anteriores a 12.0.2.15, M4300-28G-POE+ versiones anteriores a 12.0.2.15, M4300-52G-POE+ versiones anteriores a 12.0.2.15, M4300-8X8F versiones anteriores a 12. 0.2.15, M4300-12X12F versiones anteriores a 12.0.2.15, M4300-24X24F versiones anteriores a 12.0.2.15, M4300-24X versiones anteriores a 12.0.2.15, M4300-48X versiones anteriores a 12.0.2.15, y M4200 versiones anteriores a 12.0.2.15. • https://kb.netgear.com/000049022/Security-Advisory-for-Denial-of-Service-Vulnerability-on-Some-Fully-Managed-Switches-PSV-2017-2005 • CWE-20: Improper Input Validation •