CVE-2024-36795

CWE-22 — Path Traversal3 documents3 sources

Severity

4.0MEDIUM

EPSS

0.1%

top 79.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Wnr614 Firmware

Timeline

PublishedJun 6

Description

Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages1 packages

▶NVDnetgear/wnr614_firmware1.1.0.54_1.0.1

🔴Vulnerability Details

CVEList

CVE-2024-36795: Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1↗2024-06-06

▶

GHSA

GHSA-qpvg-vp7c-mg9m: Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1↗2024-06-06

▶