CVE-2024-28339

An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:cbk40_firmware:2.5.0.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:cbk43_firmware:2.5.0.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cbk43:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:cbr40_firmware:2.5.0.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*

History

27 May 2025, 14:23

Type Values Removed Values Added
First Time Netgear cbr40 Firmware
Netgear
Netgear cbk43
Netgear cbk40 Firmware
Netgear cbk43 Firmware
Netgear cbr40
Netgear cbk40
References () https://github.com/funny-mud-peee/IoT-vuls/blob/main/Netgear%20CBR40%5CCBK40%5CCBK43/Info%20Leak%20in%20Netgear-CBR40%E3%80%81CBK40%E3%80%81CBK43%20Router%EF%BC%88debuginfo.htm%EF%BC%89.md - () https://github.com/funny-mud-peee/IoT-vuls/blob/main/Netgear%20CBR40%5CCBK40%5CCBK43/Info%20Leak%20in%20Netgear-CBR40%E3%80%81CBK40%E3%80%81CBK43%20Router%EF%BC%88debuginfo.htm%EF%BC%89.md - Exploit, Third Party Advisory
References () https://www.netgear.com/about/security/ - () https://www.netgear.com/about/security/ - Vendor Advisory
CPE cpe:2.3:o:netgear:cbk43_firmware:2.5.0.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:cbk40_firmware:2.5.0.28:*:*:*:*:*:*:*
cpe:2.3:o:netgear:cbr40_firmware:2.5.0.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cbk43:-:*:*:*:*:*:*:*

21 Nov 2024, 09:06

Type Values Removed Values Added
References () https://github.com/funny-mud-peee/IoT-vuls/blob/main/Netgear%20CBR40%5CCBK40%5CCBK43/Info%20Leak%20in%20Netgear-CBR40%E3%80%81CBK40%E3%80%81CBK43%20Router%EF%BC%88debuginfo.htm%EF%BC%89.md - () https://github.com/funny-mud-peee/IoT-vuls/blob/main/Netgear%20CBR40%5CCBK40%5CCBK43/Info%20Leak%20in%20Netgear-CBR40%E3%80%81CBK40%E3%80%81CBK43%20Router%EF%BC%88debuginfo.htm%EF%BC%89.md -
References () https://www.netgear.com/about/security/ - () https://www.netgear.com/about/security/ -

28 Aug 2024, 14:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4
CWE CWE-200

12 Mar 2024, 17:46

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-12 17:15

Updated : 2025-05-27 14:23


NVD link : CVE-2024-28339

Mitre link : CVE-2024-28339

CVE.ORG link : CVE-2024-28339


JSON object : View

Products Affected

netgear

  • cbk43_firmware
  • cbr40
  • cbk40
  • cbk43
  • cbr40_firmware
  • cbk40_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor