CVE-2024-30569
published 2024-04-03CVE-2024-30569: An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
PriorityP351high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
1.92%
77.4th percentile
An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netgear | r6850_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Send an unauthenticated HTTP GET request to /currentsetting.htm; a vulnerable device returns HTTP 200 with body containing 'Firmware=', 'LoginMethod=', and 'Model=' strings simultaneously.
- →The vulnerable endpoint /currentsetting.htm requires no authentication; exposure can be confirmed by the absence of any login redirect or 401/403 response on direct access.
- →Use FOFA query 'app="NETGEAR" && "R6850"' to identify potentially vulnerable internet-facing Netgear R6850 devices for mass scanning.
- ·Vulnerability is confirmed only against Netgear R6850 firmware version V1.1.0.88; other firmware versions are not confirmed affected.
- ·The Nuclei template is marked 'verified: true' with max-request: 1, meaning a single GET to /currentsetting.htm is sufficient for detection with no additional requests needed.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Netgear R6850 - Information Disclosure
nuclei·CVSS 7.5
CVE-2024-30569 [HIGH] Netgear R6850 - Information Disclosure
Netgear R6850 - Information Disclosure
Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details, connection status, and other system configuration data.
Template:
id: CVE-2024-30569
info:
name: Netgear R6850 - Information Disclosure
author: ritikchaddha
severity: high
description: |
Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model
No writeups or analysis indexed.
https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88currentsetting.htm%EF%BC%89.mdhttps://www.netgear.com/about/security/https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88currentsetting.htm%EF%BC%89.mdhttps://www.netgear.com/about/security/
2024-04-03
Published