CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4235 – Netgear DG834Gv5 Web Management Interface cleartext storage
https://notcve.org/view.php?id=CVE-2024-4235
26 Apr 2024 — A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://netsecfish.notion.site/Netgear-DG834Gv5-Plain-Text-Credentials-Exposure-22e94fe066014490bebd349775d10b27?pvs=4 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-38591
https://notcve.org/view.php?id=CVE-2023-38591
07 Aug 2023 — Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi. • https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/nvram_ssid/README.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •