Password Security Vulnerability in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1
CVE-2024-36789

8.1HIGH

Key Information:

Vendor: Netgear
Status: Wnr614 Firmware
Vendor: CVE Published:; 7 June 2024

What is CVE-2024-36789?

A vulnerability in select Netgear wireless routers, including the WNR614 and JNR1010V2, allows attackers to exploit inadequacies in the password creation mechanism. This issue enables the generation of passwords that fail to meet standard security guidelines, which can potentially grant unauthorized access to network resources. Users of the affected devices are advised to review their security settings and implement stronger password policies to mitigate risks associated with this vulnerability.

References

https://redfoxsec.com/blog/security-advisory-multiple-vul...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 7, 2024