CVE-2024-4235

LOW Year: 2024
CVSS v3 Score
2.7
Low
CVSS v2 Score
3.3
Low
Weakness Type
CWE-312
View all →

Vulnerability Description

A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-262126 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2021-40087

LOW
CVSS:2.7(Low)

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were ...

CWE-3122021

CVE-2023-5384

LOW
CVSS:2.7(Low)

A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are retu...

CWE-3122023

CVE-2020-4224

LOW
CVSS:2.9(Low)

IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175...

CWE-3122020

CVE-2024-46383

LOW
CVSS:2.4(Low)

Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.

CWE-3122024

CVE-2020-9407

LOW
CVSS:3.1(Low)

IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.

CWE-3122020

CVE-2023-24586

LOW
CVSS:3.1(Low)

Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.

CWE-3122023