(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2016/Feb/112 | Mailing List Third Party Advisory |
https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic | Patch Vendor Advisory |
https://www.exploit-db.com/exploits/45909/ | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
No history.
Information
Published : 2017-04-21 15:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-1555
Mitre link : CVE-2016-1555
CVE.ORG link : CVE-2016-1555
JSON object : View
Products Affected
netgear
- wnap320
- wn802tv2
- wndap350_firmware
- wn604_firmware
- wndap660_firmware
- wn604
- wndap350
- wndap210v2
- wndap210v2_firmware
- wndap660
- wndap360
- wn802tv2_firmware
- wndap360_firmware
- wnap320_firmware
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')