June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Zoom Workplace Products Vulnerabilities
May 29, 2024
Microsoft Attributes New FakePenny Ransomware with North Korean Threat Actors – Active IOCs
May 29, 2024
Multiple Zoom Workplace Products Vulnerabilities
May 29, 2024
Microsoft Attributes New FakePenny Ransomware with North Korean Threat Actors – Active IOCs
May 29, 2024
Severity
Medium
Analysis Summary
CVE-2024-5246 CVSS:8.8
NETGEAR NMS300 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an error within the product installer. An attacker could exploit this vulnerability to execute code in the context of SYSTEM.
CVE-2024-5245 CVSS:7.8
NETGEAR NMS300 could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error within the product installer. An attacker could exploit this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2024-5247 CVSS:8.8
NETGEAR Prosafe Network Management System (NMS300) could allow a remote authenticated attacker to upload arbitrary files, caused by an error within the UpLoadServlet class. By sending a specially crafted request, an attacker could exploit this vulnerability to execute code in the context of SYSTEM.
CVE-2023-50677 CVSS:9.8
NETGEAR DGND4000 devices could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the next_file parameter to the /setup.cgi component. By sending a specially crafted request, an attacker could exploit this vulnerability to gain administrator privileges.
CVE-2024-28340 CVSS:5.3
Netgear CBR40, Netgear CBK40 and Netgear CBK43 could allow a remote attacker to obtain sensitive information, caused by an information leak in the currentsetting.htm component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information without any authentication required.
CVE-2024-28339 CVSS:5.3
Netgear CBR40, Netgear CBK40 and Netgear CBK43 could allow a remote attacker to obtain sensitive information, caused by an information leak in the debuginfo.htm component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information without any authentication required.
CVE-2024-1431 CVSS:4.3
NETGEAR R7000 Router could allow a remote attacker to obtain sensitive information, caused by improper access control by the /debuginfo.htm script file. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-1430 CVSS:5.3
Netgear R7000could allow a remote attacker to obtain sensitive information, caused by a flaw in the /currentsetting.htm endpoint. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Gain Access
- Code Execution
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-5246
- CVE-2024-5245
- CVE-2024-5247
- CVE-2023-50677
- CVE-2024-28340
- CVE-2024-28339
- CVE-2024-1431
- CVE-2024-1430
Affected Vendors
NETGEAR
Affected Products
- NETGEAR Prosafe Network Management System (NMS300) 1.7.0
- NETGEAR DGND4000 1.1.00.15_1.00.15
- NETGEAR CBR40 2.5.0.28
- NETGEAR CBK40 2.5.0.28
- NETGEAR CBK43 2.5.0.28
- NETGEAR R7000 1.0.11.136_10.2.120
Remediation
Refer to NETGEAR Security Advisory for patch, upgrade or suggested workaround information.