June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple IBM Aspera Console Vulnerabilities
May 31, 2024
ICS: Multiple Fuji Electric Monitouch V-SFT Zero-Day Vulnerabilities
June 1, 2024
Multiple IBM Aspera Console Vulnerabilities
May 31, 2024
ICS: Multiple Fuji Electric Monitouch V-SFT Zero-Day Vulnerabilities
June 1, 2024
Severity
High
Analysis Summary
CVE-2024-30569 CVSS:7.5
Netgear R6850 could allow a remote attacker to obtain sensitive information, caused by an information leak in currentsetting.htm. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-30571 CVSS:7.5
Netgear R6850 could allow a remote attacker to obtain sensitive information, caused by an information leak in the BRS_top.html component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-30568 CVSS:9.8
Netgear R6850 could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. By using the c4-IPAddr parameter, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-30570 CVSS:7.5
Netgear R6850 could allow a remote attacker to obtain sensitive information, caused by an information leak in debuginfo.htm. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Gain Access
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-30569
- CVE-2024-30571
- CVE-2024-30568
- CVE-2024-30570
Affected Vendors
NETGEAR
Affected Products
- Netgear R6850 1.1.0.88
Remediation
Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.