CVE-2016-1556

Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wnap320:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wndap350:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wndap360:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:wndap210v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wndap210v2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:wn604_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn604:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:wnd930_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wnd930:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:46

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html - Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html - Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2016/Feb/112 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2016/Feb/112 - Mailing List, Third Party Advisory
References () https://kb.netgear.com/30481/CVE-2016-1556-Notification?cid=wmt_netgear_organic - Patch, Vendor Advisory () https://kb.netgear.com/30481/CVE-2016-1556-Notification?cid=wmt_netgear_organic - Patch, Vendor Advisory

Information

Published : 2017-04-21 15:59

Updated : 2024-11-21 02:46


NVD link : CVE-2016-1556

Mitre link : CVE-2016-1556

CVE.ORG link : CVE-2016-1556


JSON object : View

Products Affected

netgear

  • wn604
  • wndap360_firmware
  • wnd930_firmware
  • wndap350
  • wnap320_firmware
  • wndap360
  • wnap320
  • wnd930
  • wndap350_firmware
  • wndap210v2
  • wndap210v2_firmware
  • wn604_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor