What is CVE-2024-7153?

CVE-2024-7153 is a medium-severity vulnerability in Netgear Wn604, classified under Direct Request (Forced Browsing). CVSS score: 5.3/10. Published 2024-07-27.

How severe is CVE-2024-7153?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Netgear Wn604

CVE-2024-7153

A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. T…

EPSS: 0.001 (34.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Netgear Wn604 — versions 20240719

Weakness classification (CWE)

CWE-425 — Direct Request (Forced Browsing)

References

VDB-272556 | Netgear WN604 siteSurvey.php direct request (vdb-entry)
VDB-272556 | CTI Indicators (IOB, IOC, TTP, IOA) (signature, permissions-required)
Submit #377056 | Netgear WN604 Missing Authentication (third-party-advisory)
wiki.shikangsi.com/post/share/e8a2a0a0-5e72-4bb1-8805-cf155a89f583 (exploit)

Frequently asked questions

What is CVE-2024-7153?: CVE-2024-7153 is a medium-severity vulnerability in Netgear Wn604, classified under Direct Request (Forced Browsing). CVSS score: 5.3/10. Published 2024-07-27.
How severe is CVE-2024-7153?: Medium severity. CVSS v3 base score is 5.3 out of 10.