Attackers Can Gain Access to Router's PIN via Implementation Flaw
CVE-2024-36792

8.2HIGH

Key Information:

Vendor
Netgear
Vendor
CVE Published:
7 June 2024

Summary

A security vulnerability exists within the WPS (Wi-Fi Protected Setup) implementation of certain Netgear routers, including the WNR614 JNR1010V2 and N300-V1.1.0.54_1.0.1 versions. This flaw allows unauthorized attackers to exploit the router's WPS feature, gaining access to sensitive router PINs. As a result, malicious entities can potentially compromise the entire network, posing significant risks to users' data and privacy. It's crucial for users of affected Netgear products to assess their device security and consider implementing recommended security practices.

References

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.