An information leak in the currentsetting.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.
CVSS
No CVSS.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
27 May 2025, 14:23
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:netgear:cbr40_firmware:2.5.0.28:*:*:*:*:*:*:* cpe:2.3:h:netgear:cbk43:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:cbk43_firmware:2.5.0.28:*:*:*:*:*:*:* cpe:2.3:o:netgear:cbk40_firmware:2.5.0.28:*:*:*:*:*:*:* cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:* |
|
| First Time |
Netgear cbr40
Netgear cbr40 Firmware Netgear Netgear cbk43 Firmware Netgear cbk40 Netgear cbk43 Netgear cbk40 Firmware |
|
| References | () https://github.com/funny-mud-peee/IoT-vuls/blob/main/Netgear%20CBR40%5CCBK40%5CCBK43/Info%20Leak%20in%20Netgear-CBR40%E3%80%81CBK40%E3%80%81CBK43%20Router%EF%BC%88currentsetting.htm%EF%BC%89.md - Exploit, Third Party Advisory | |
| References | () https://www.netgear.com/about/security/ - Vendor Advisory |
12 Mar 2024, 17:46
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-12 17:15
Updated : 2025-05-27 14:23
NVD link : CVE-2024-28340
Mitre link : CVE-2024-28340
JSON object : View
Products Affected
netgear
- cbk43
- cbr40_firmware
- cbr40
- cbk43_firmware
- cbk40
- cbk40_firmware
CWE
No CWE.