Vulnerabilities > CVE-2024-36788 - Unspecified vulnerability in Netgear Wnr614 Firmware 1.1.0.541.0.1

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

high complexity

netgear

NVD

Published: 2024-06-07

Updated: 2024-11-07

Summary

Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices.

Vulnerable Configurations

Part	Description	Count
OS	Netgear Netgear Wnr614 Firmware 1.1.0.54_1.0.1	1
Hardware	Netgear Netgear Wnr614 -	1

References

https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-netgear-wnr614-router/