Skip to content
Nuclei Templates

Netgear R6850 - Information Disclosure

ID: CVE-2024-30569

Severity: medium

Author: ritikchaddha

Tags: cve,cve2024,netgear,router,exposure

Description

Section titled “Description”

Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details, connection status, and other system configuration data.

YAML Source

Section titled “YAML Source”
id: CVE-2024-30569


info:
  name: Netgear R6850 - Information Disclosure
  author: ritikchaddha
  severity: medium
  description: |
    Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details, connection status, and other system configuration data.
  remediation: |
    Restrict access to the currentsetting.htm page by implementing proper authentication. Keep router firmware updated to the latest version once a patch is available.
  reference:
    - https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88currentsetting.htm%EF%BC%89.md
    - https://nvd.nist.gov/vuln/detail/CVE-2024-30569
    - https://www.netgear.com/about/security/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2024-30569
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="NETGEAR" && "R6850"
  tags: cve,cve2024,netgear,router,exposure


http:
  - method: GET
    path:
      - "{{BaseURL}}/currentsetting.htm"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Firmware="
          - "LoginMethod="
          - "Model="
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a00473045022100ab86d5af77a8071cd0071f626b011dd6747b3201bff5a8f042a53c251c2ff5e802202220d9293d24a0acf9977c25cfd1367ed8b59f22aae830be6a3bc2caa33d74a6:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-30569.yaml"

View on Github