Sign-up

ID

VAR-202407-2323


CVE

CVE-2024-7153


TITLE

NETGEAR WN604 Information Disclosure Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-11169

DESCRIPTION

A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. NETGEAR WN604 is a small wireless router from NETGEAR. Attackers can use this vulnerability to access the siteSurvey.php page and obtain sensitive information such as the SSID, security type, encryption method, and channel of the wireless network

Trust: 1.44

sources: NVD: CVE-2024-7153 // CNVD: CNVD-2025-11169

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-11169

AFFECTED PRODUCTS

vendor:netgearmodel:wn604scope:lteversion:<=20240719

Trust: 0.6

sources: CNVD: CNVD-2025-11169

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2024-7153
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2025-11169
value: MEDIUM

Trust: 0.6

cna@vuldb.com: CVE-2024-7153
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-11169
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2024-7153
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-11169 // NVD: CVE-2024-7153

PROBLEMTYPE DATA

problemtype:CWE-425

Trust: 1.0

sources: NVD: CVE-2024-7153

EXTERNAL IDS

db:NVDid:CVE-2024-7153

Trust: 1.6

db:VULDBid:272556

Trust: 1.6

db:CNVDid:CNVD-2025-11169

Trust: 0.6

sources: CNVD: CNVD-2025-11169 // NVD: CVE-2024-7153

REFERENCES

url:https://vuldb.com/?id.272556

Trust: 1.6

url:https://vuldb.com/?ctiid.272556

Trust: 1.0

url:https://vuldb.com/?submit.377056

Trust: 1.0

url:https://wiki.shikangsi.com/post/share/e8a2a0a0-5e72-4bb1-8805-cf155a89f583

Trust: 1.0

sources: CNVD: CNVD-2025-11169 // NVD: CVE-2024-7153

SOURCES

db:CNVDid:CNVD-2025-11169
db:NVDid:CVE-2024-7153

LAST UPDATE DATE

2025-06-01T23:20:27.574000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-11169date:2025-05-30T00:00:00
db:NVDid:CVE-2024-7153date:2024-07-29T14:12:08.783

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-11169date:2025-05-27T00:00:00
db:NVDid:CVE-2024-7153date:2024-07-27T22:15:01.833