NETGEAR RAX40 is a 4-stream AX3000 dual-band WiFi 6 router.NETGEAR RAX40 versions prior to 1.0.3.64 are vulnerable to a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit this vulnerability to execute client-side code.