Details of VAR-202406-2616

ID

VAR-202406-2616

CVE

CVE-2024-36788

TITLE

of netgear WNR614 Firmware vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2024-012007

DESCRIPTION

Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices. of netgear WNR614 There are unspecified vulnerabilities in the firmware.Information may be obtained and information may be tampered with. Netgear WNR614 is an N300 wireless router with an external antenna from Netgear

Trust: 2.16

sources: NVD: CVE-2024-36788 // JVNDB: JVNDB-2024-012007 // CNVD: CNVD-2025-13419

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-13419

AFFECTED PRODUCTS

vendor:	netgear	model:	wnr614	scope:	eq	version:	1.1.0.54_1.0.1	Trust: 1.0
vendor:	ネットギア	model:	wnr614	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	wnr614	scope:	eq	version:	wnr614 firmware 1.1.0.54 1.0.1	Trust: 0.8
vendor:	ネットギア	model:	wnr614	scope:	eq	version:	-	Trust: 0.8
vendor:	netgear	model:	wnr614 jnr1010v2/n300-v1.1.0.54 1.0.1	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2025-13419 // JVNDB: JVNDB-2024-012007 // NVD: CVE-2024-36788

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-36788
value:	MEDIUM
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-36788
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2024-36788
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2025-13419
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-13419
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	4.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2024-36788
baseSeverity:	MEDIUM
baseScore:	4.8
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	2.5
version:	3.1
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-36788
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.5
impactScore:	3.4
version:	3.1
Trust: 1.0
NVD:	CVE-2024-36788
baseSeverity:	MEDIUM
baseScore:	4.8
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-13419 // JVNDB: JVNDB-2024-012007 // NVD: CVE-2024-36788 // NVD: CVE-2024-36788

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-922	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-012007 // NVD: CVE-2024-36788

EXTERNAL IDS

db:	NVD	id:	CVE-2024-36788	Trust: 3.2
db:	JVNDB	id:	JVNDB-2024-012007	Trust: 0.8
db:	CNVD	id:	CNVD-2025-13419	Trust: 0.6

sources: CNVD: CNVD-2025-13419 // JVNDB: JVNDB-2024-012007 // NVD: CVE-2024-36788

REFERENCES

url:	https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-netgear-wnr614-router/	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-36788	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2024-36788	Trust: 0.6

sources: CNVD: CNVD-2025-13419 // JVNDB: JVNDB-2024-012007 // NVD: CVE-2024-36788

SOURCES

db:	CNVD	id:	CNVD-2025-13419
db:	JVNDB	id:	JVNDB-2024-012007
db:	NVD	id:	CVE-2024-36788

LAST UPDATE DATE

2025-06-26T23:30:34.382000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-13419	date:	2025-06-25T00:00:00
db:	JVNDB	id:	JVNDB-2024-012007	date:	2024-11-06T01:30:00
db:	NVD	id:	CVE-2024-36788	date:	2024-11-07T22:35:25.420

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-13419	date:	2025-06-25T00:00:00
db:	JVNDB	id:	JVNDB-2024-012007	date:	2024-11-06T00:00:00
db:	NVD	id:	CVE-2024-36788	date:	2024-06-07T15:15:50.233