An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows malicious users to obtain sensitive information without any authentication required.