CVE-2024-6646
published 2024-07-10CVE-2024-6646: A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file…
PriorityP352medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EXPLOIT
EPSS
45.96%
98.7th percentile
A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netgear | wn604 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect exploitation attempts by monitoring GET requests to /downloadFile.php with the query parameter file=config on Netgear WN604 devices. ↗
- →Confirm successful exploitation by checking HTTP 200 responses with Content-Type 'application/force-download' and body containing both 'system:basicSettings' and 'system:staSettings'. ↗
- →Use FOFA query 'title=="Netgear"' to identify potentially exposed Netgear WN604 devices on the internet. ↗
- ·The vulnerability is unauthenticated — no credentials are required to exploit /downloadFile.php?file=config, allowing any remote attacker to download the router configuration file containing administrator credentials. ↗
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv4.06.9MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Netgear-WN604 downloadFile.php - Information Disclosure
nuclei·CVSS 6.9
CVE-2024-6646 [MEDIUM] Netgear-WN604 downloadFile.php - Information Disclosure
Netgear-WN604 downloadFile.php - Information Disclosure
There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and password information of the wireless router, causing the router's background to be controlled. The attacker can initiate damage to the wireless network or further threaten it.
Template:
id: CVE-2024-6646
info:
name: Netgear-WN604 downloadFile.php - Information Disclosure
author: pussycat0x
severity: medium
description: |
There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and
No writeups or analysis indexed.
2024-07-10
Published