Attackers Can Gain Access to Router's PIN via Implementation Flaw
CVE-2024-36792
8.2HIGH
Summary
A security vulnerability exists within the WPS (Wi-Fi Protected Setup) implementation of certain Netgear routers, including the WNR614 JNR1010V2 and N300-V1.1.0.54_1.0.1 versions. This flaw allows unauthorized attackers to exploit the router's WPS feature, gaining access to sensitive router PINs. As a result, malicious entities can potentially compromise the entire network, posing significant risks to users' data and privacy. It's crucial for users of affected Netgear products to assess their device security and consider implementing recommended security practices.
References
CVSS V3.1
Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published