Vulnerabilities > CVE-2024-1431 - Unspecified vulnerability in Netgear R7000 Firmware 1.0.11.13610.2.120

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

low complexity

netgear

NVD

Published: 2024-02-11

Updated: 2024-05-17

Summary

A vulnerability was found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this issue is some unknown functionality of the file /debuginfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. VDB-253382 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
OS	Netgear Netgear R7000 Firmware 1.0.11.136_10.2.120	1
Hardware	Netgear Netgear R7000 -	1

References

https://vuldb.com/?id.253382
https://vuldb.com/?ctiid.253382
https://github.com/leetsun/Hints/tree/main/R7000/2