Vulnerability CVE-2016-1555


Published: 2017-04-21

Description:
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

See advisories in our WLB2 database:
Topic
Author
Date
High
Netgear Devices Unauthenticated Remote Command Execution (Metasploit)
Metasploit
28.11.2018

Type:

CWE-77

(Improper Neutralization of Special Elements used in a Command ('Command Injection'))

Vendor: Netgear
Product: Wn604 firmware 
Version: 3.3.2;
Product: Wndap360 firmware 
Version: 3.0.5.0;
Product: Wndap210v2 firmware 
Version: 3.0.5.0;
Product: Wndap350 firmware 
Version: 3.0.5.0;
Product: Wn802tv2 firmware 
Version: 3.0.5.0;
Product: Wnap320 firmware 
Version: 3.0.5.0;
Product: Wndap660 firmware 
Version: 3.0.5.0;

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2016/Feb/112
https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic
https://www.exploit-db.com/exploits/45909/

Related CVE
CVE-2019-17049
NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account.
CVE-2019-5055
An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMes...
CVE-2019-5054
An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authenti...
CVE-2016-10864
NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.
CVE-2019-5017
An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. An unauthenti...
CVE-2019-5016
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially c...
CVE-2016-5649
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When proces...
CVE-2016-5638
There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can a...

Copyright 2019, cxsecurity.com

 

Back to Top