← back
CVE-2024-40750

CVE-2024-40750

CVSS 5.3 MEDIUMEPSS 0.1%CWE-312
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Jul 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://news.ycombinator.com/item?id=40917312https://stackdiary.com/linksys-velop-routers-send-wi-fi-passwords-in-plaintext-to-us-servers/