CVE-2024-36795 – This vulnerability involves insecure permission... (How to Fix)

Q: What is the severity of CVE-2024-36795?

CVE-2024-36795 has a CVSS score of 4.0 (MEDIUM). This vulnerability involves insecure permissions in Netgear WNR614 JNR1010V2 routers, allowing attackers to access URLs and directories embedded within the firmware. Attackers can potentially view sensitive information or configuration files. This affects users of specific Netgear router models with vulnerable firmware versions.

📋 TL;DR

This vulnerability involves insecure permissions in Netgear WNR614 JNR1010V2 routers, allowing attackers to access URLs and directories embedded within the firmware. Attackers can potentially view sensitive information or configuration files. This affects users of specific Netgear router models with vulnerable firmware versions.

💻 Affected Systems

Products:

Netgear WNR614 JNR1010V2/N300

Versions: V1.1.0.54_1.0.1

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects specific firmware version on these router models; other versions may also be vulnerable but unconfirmed.

📦 What is this software?

Wnr614 Firmware by Netgear

View all CVEs affecting Wnr614 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain access to sensitive firmware files, potentially leading to credential theft, configuration tampering, or further exploitation of the router.

🟠

Likely Case

Unauthorized access to embedded URLs and directories, exposing configuration details or sensitive information stored in firmware.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls, though firmware exposure remains a concern.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation likely involves accessing specific URLs or directories without authentication, though exact vectors are unspecified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not provided in references

Restart Required: No

Instructions:

Check Netgear support for firmware updates; if unavailable, consider workarounds or replacement.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate the router from critical internal networks to limit potential damage.

Access Control Lists

all

Implement firewall rules to restrict access to router management interfaces.

🧯 If You Can't Patch

Replace the router with a supported model that receives security updates.
Monitor network traffic for unusual access attempts to router URLs.

🔍 How to Verify

Check if Vulnerable:

Check router firmware version via web interface or CLI; if version is V1.1.0.54_1.0.1, it is vulnerable.

Check Version:

Check router web interface under Advanced > Administration > Router Status or similar.

Verify Fix Applied:

Update firmware to a newer version if available and confirm version change.

📡 Detection & Monitoring

Log Indicators:

Unusual access logs to router URLs or directories, especially from unauthorized IPs.

Network Indicators:

HTTP requests to embedded router paths from unexpected sources.

SIEM Query:

source="router_logs" AND (url_path CONTAINS "/firmware/" OR url_path CONTAINS "/config/")

📊 Metadata

CVE ID: CVE-2024-36795

CVSS v3 Score: 4.0 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE: CWE-22

Published: June 6, 2024

Last Updated: May 29, 2025

🔗 References

https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-netgear-wnr614-router/ Exploit,Third Party Advisory
https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-netgear-wnr614-router/ Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-36795, you might also want to check these: