Our security analysis has uncovered multiple vulnerabilities in the Netgear WNR614 router. The Netgear WNR614 Router is renowned for its dependable performance, reliable connectivity, and intuitive user interface. The identified vulnerabilities present risks of security protocol circumvention and unauthorized retrieval of sensitive data by local entities. Furthermore, it is important to note that the WNR614 N300 model has reached its End of Service (EOS) in 2021.
The router variant impacted is the Netgear WNR614 JNR1010V2 N300, with the firmware iteration V1.1.0.54_1.0.1.
1. Improper Authentication / Broken Access Control (CVE-2024-36787)
Description: An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the administrative interface via unspecified vectors.
Impact: Poor authentication protocols allowing insecure passwords pose a severe threat to network security, necessitating immediate and decisive action to stop unauthorized access and protect network operations and sensitive data.
Mitigation: Upgrade firmware to the latest version.
POC: The Netgear WNR614 router’s weak authentication, allowing Base64 credential cracking, poses a serious security risk.
2. Cookie Without HTTPOnly / Secure Flag Set (CVE-2024-36788)
Description: Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices.
Impact: The Netgear WNR614 router’s improper “HTTPOnly” cookie flag setting exposes critical data to potential interception, posing a substantial risk of unauthorized network access and compromise.
Mitigation: Upgrade firmware to latest version.
POC: Due to not setting the “HTTPOnly” flag, this vulnerability risks sensitive data exposure through unencrypted channels, enabling attackers to potentially hijack sessions and compromise the network.
3. Password Policy Bypass (CVE-2024-36789)
Description: An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards
Impact: Netgear WNR614 router vulnerability allows insecure passwords, risking unauthorized access, network manipulation, and potential data exposure.
Mitigation: Upgrade firmware to the latest version.
POC: Users can bypass Netgear’s password policies by setting a single-digit password on the WNR614 router.
4. Password Storage in Plaintext / Incorrect Access Control / Cleartext Storage of Sensitive Information / Information Disclosure (CVE-2024-36790)
Description: Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext.
Impact: NETGEAR WNR614 router stores sensitive authentication credentials in cleartext, risking unauthorized access, router manipulation, and potential data exposure. Immediate action is essential for remediation.
Mitigation: Upgrade firmware to the latest version.
POC: NETGEAR routers’ practice of storing WiFi credentials in cleartext within their firmware or database creates a vulnerability that, if exploited through unauthorized access, could lead to network manipulation and unauthorized entry.
5. WPS PIN Exposure (CVE-2024-36792)
Description: An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access the router’s PIN.
Impact: NETGEAR WNR614 router stores sensitive authentication credentials in cleartext, risking unauthorized access, router manipulation, and potential data exposure. Immediate action is essential for remediation.
Mitigation: Upgrade firmware to the latest version.
POC: NETGEAR routers flawed WPS implementation creates a security loophole that could lead to unauthorized network access and setting manipulation.
6. Insecure Permissions (CVE-2024-36795)
Description: Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.
Impact: The unencrypted storage of sensitive data, like mail server credentials, in NETGEAR router firmware, significantly heightens the risk of unauthorized network access.
Mitigation: Upgrade firmware to latest version.
POC: Exploiting these vulnerabilities could allow attackers to access sensitive data and control router settings, threatening network security and necessitating urgent protective measures.
Given that the Netgear WNR614 N300 router has reached its End of Service, it is recommended to replace the router with a model that is actively supported and maintained by the manufacturer. In the interim, users should apply the mitigation outlined above to secure their networks against potential exploits.
Redfox Security is a diverse network of expert security consultants with a global mindset and a collaborative culture. If you are looking to improve your organization’s security posture, contact us today to discuss your security testing needs. Our team of security professionals can help you identify vulnerabilities and weaknesses in your systems and provide recommendations to remediate them.
Join us on our journey of growth and development by signing up for our comprehensive courses.
Redfox Cyber Security Inc.
8 The Green, Ste. A, Dover,
Delaware 19901,
United States.
info@redfoxsec.com
©️2024 Redfox Cyber Security Inc. All rights reserved.
