CVE-2024-36795
Description
Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The Netgear WNR614 router exposes sensitive URLs and directories in its firmware due to insecure permissions, allowing unauthenticated local network attackers to access credentials and admin functions.
Vulnerability
The Netgear WNR614 router, specifically firmware version JNR1010V2/N300-V1.1.0.54_1.0.1, suffers from insecure permission settings that expose internal URLs and directories embedded within the firmware. According to the available reference [1], this issue is part of a broader cluster of vulnerabilities, including plaintext storage of administrative credentials, authentication bypass, and weak session handling. The affected device is an N300 Wi-Fi model approaching end-of-life and has no available patch from Netgear.
Exploitation
An attacker who is on the same local network as the router can access these exposed URLs and directories without any authentication. The reference [1] indicates that the management interface can be reached from the LAN side, and if the router's remote management is enabled, the attack may be possible from the internet as well. By navigating to the unprotected paths, the attacker can retrieve sensitive files, including those containing administrative credentials stored in plaintext.
Impact
Successful exploitation allows an unauthenticated attacker to obtain the router's administrative credentials in plaintext, gaining full administrative control over the device. This enables the attacker to modify network settings, intercept traffic, redirect users to malicious sites, and perform a complete network takeover [1]. The confidentiality, integrity, and availability of the network are all compromised.
Mitigation
Netgear has not released a security patch for this vulnerability, and the WNR614 router is approaching or has reached end-of-life support [1]. No official workaround has been provided. Users are strongly advised to replace the device with a supported model that receives security updates. Until replacement, disabling remote management and ensuring the device is not exposed to untrusted networks can reduce but not eliminate the risk.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Netgear/WNR614 JNR1010V2/N300description
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Complete authentication bypass in the web management interface allows unauthenticated access to administrative pages and configuration data."
Attack vector
An attacker on the same local network can directly access administrative pages without authentication by sending a crafted request to the router's management interface, e.g. `curl http://192.168.1.1/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=id` [ref_id=1]. After bypassing authentication, the attacker can extract plaintext credentials from `/currentsetting.htm` and then modify DNS settings, inject malicious firmware, or create rogue administrative accounts. The attack chain from initial network access to full compromise can be completed in under five minutes [ref_id=1].
Affected code
The advisory identifies the web management interface of the Netgear WNR614 router as the affected component. Specific endpoints include `/setup.cgi`, `/currentsetting.htm`, and the general HTTP login handler. The firmware version V1.0.0.34 and earlier is confirmed vulnerable [ref_id=1].
What the fix does
No patch has been released by Netgear for these vulnerabilities; the device is approaching or has reached end-of-life support [ref_id=1]. The advisory recommends replacing the WNR614 with a supported router model that receives active security updates as the only complete remediation. Interim mitigations include disabling remote management, isolating the management interface to a dedicated VLAN, and changing default credentials to a long, randomly generated password [ref_id=1].
Preconditions
- networkAttacker must be on the same local network as the router, or the router's management interface must be exposed to the internet.
- authNo authentication or prior access is required to trigger the authentication bypass.
Reproduction
1. From a machine on the same local network, send a request to the router's management interface to test authentication bypass: `curl -v http://192.168.1.1/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=id&curpath=/¤tsetting.htm=1`. If the response includes `uid=0(root)`, authentication bypass is confirmed [ref_id=1]. 2. Extract plaintext credentials by requesting the configuration page: `curl -s http://192.168.1.1/currentsetting.htm | grep -i "password"` [ref_id=1]. 3. Use the extracted credentials to log in and fully compromise the router.
Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1News mentions
0No linked articles in our index yet.