PT-2024-4345 · NetGear · Netgear Wnr614

Published 2024-06-07 · Updated 2024-11-07 · CVE-2024-36788

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Netgear WNR614 JNR1010V2 N300-V1.1.0.54 1.0.1

Description

The issue is related to the improper setting of the HttpOnly flag for cookies, which may allow attackers to intercept and access sensitive communications between the router and connected devices. The cause is that cookies are used to store confidential information without the HttpOnly flag. Exploitation of this issue may allow a remote attacker to disclose protected information.

Recommendations

For Netgear WNR614 JNR1010V2 N300-V1.1.0.54 1.0.1, consider updating the firmware to a version that properly sets the HttpOnly flag for cookies as a permanent solution. As a temporary workaround, restrict access to sensitive communications between the router and connected devices to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

Insecure Storage of Sensitive Information

Related Identifiers

BDU:2024-04834
CVE-2024-36788

Affected Products

Netgear Wnr614