VulDBVULNRICHMENT:CVE-2024-4235CVE-2024-4235 Netgear DG834Gv5 Web Management Interface cleartext storage
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:M/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
15.5%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-262126 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
ADP Affected
[
{
"cpes": [
"cpe:2.3:h:netgear:dg834gv5:-:*:*:*:*:*:*:*"
],
"vendor": "netgear",
"product": "dg834gv5",
"versions": [
{
"status": "affected",
"version": "1.6.01.34"
}
],
"defaultStatus": "unknown"
}
]Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:M/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
15.5%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial