Netgear R7000 1.0.11.136_10.2.120 Web UI Info Disclosure in /currentsetting.htm
CVE-2024-1430 Published on February 11, 2024
Netgear R7000 Web Management Interface currentsetting.htm information disclosure
A vulnerability has been found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /currentsetting.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Timeline
Advisory disclosed
CVE reserved
VulDB entry created
VulDB entry last update 22 days later.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2024-1430 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2024-1430
Want to know whenever a new CVE is published for Netgear R7000 Firmware? stack.watch will email you.
Affected Versions
Netgear R7000:- Version 1.0.11.136_10.2.120 is affected.
- Version 1.0.11.136_10.2.120 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.