Netgear Router Vulnerability Allows Attackers to Intercept Sensitive Communications

CVE-2024-36788

4.8MEDIUM

Key Information

Vendor: Netgear
Status: Wnr614 Firmware
Vendor: CVE Published:; 7 June 2024

Summary

Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices.

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 7, 2024

Collectors

NVD DatabaseMitre Database