CVE-2024-28339

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-200
View all →

Vulnerability Description

An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.

Related Vulnerabilities

CVE-2016-1786

MEDIUM
CVSS:5.4(Medium)

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the d...

CWE-2002016

CVE-2016-5014

MEDIUM
CVSS:5.4(Medium)

In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.

CWE-2002016

CVE-2017-10337

MEDIUM
CVSS:5.4(Medium)

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vuln...

CWE-2002017

CVE-2018-10581

MEDIUM
CVSS:5.4(Medium)

In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated T...

CWE-2002018

CVE-2018-17091

MEDIUM
CVSS:5.4(Medium)

An issue was discovered in DonLinkage 6.6.8. It allows remote attackers to obtain potentially sensitive information via a direct request for files/temporary.txt.

CWE-2002018

CVE-2018-1999030

MEDIUM
CVSS:5.4(Medium)

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.j...

CWE-2002018