Vulnerability Details : CVE-2016-1555
Public exploit exists!
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
CVE-2016-1555 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
NETGEAR Multiple WAP Devices Command Injection Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution.
Added on
2022-03-25
Action due date
2022-04-15
Exploit prediction scoring system (EPSS) score for CVE-2016-1555
Probability of exploitation activity in the next 30 days: 97.37%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2016-1555
-
Netgear Devices Unauthenticated Remote Command Execution
Disclosure Date: 2016-02-25First seen: 2020-04-26exploit/linux/http/netgear_unauth_execFrom the CVE-2016-1555 page: (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote att
CVSS scores for CVE-2016-1555
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
|
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-1555
-
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1555
-
https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic
CVE-2016-1555 - Notification | Answer | NETGEAR SupportPatch;Vendor Advisory
-
https://www.exploit-db.com/exploits/45909/
Netgear Devices - (Unauthenticated) Remote Command Execution (Metasploit)Exploit;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html
D-Link / Netgear FIRMADYNE Command Injection / Buffer Overflow ≈ Packet StormThird Party Advisory;VDB Entry
-
http://seclists.org/fulldisclosure/2016/Feb/112
Full Disclosure: D-Link, Netgear Router VulnerabiltiiesMailing List;Third Party Advisory
Products affected by CVE-2016-1555
- cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:wndap210v2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:wn604_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:wndap660_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:wn802tv2_firmware:*:*:*:*:*:*:*:*