CVE-2016-1555

CVSS 9.8 CRITICAL · EPSS 98.3% · KEV · CWE-77
In short

Netgear wireless access points contain a vulnerability that allows attackers on the network to run any command they want on the device without permission, potentially taking complete control of it.

Technical detail

Multiple PHP scripts in affected Netgear devices lack proper input validation on user-supplied parameters, enabling OS command injection via network requests. Remote unauthenticated attackers can execute arbitrary commands with device privileges by sending specially crafted requests to vulnerable endpoints.

Summary generated and translated by AI from the official description.
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
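For defenders, a triage pass over web access logs for requests to the five scripts named in the description. This is an added example, not code from Netgear or from the advisory; it assumes common-log-format lines from a proxy or gateway in front of the access point, and the request paths, addresses and the parameter name `param` in the sample are constructed placeholders.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Script names from the CVE description (compared case-insensitively).
SCRIPTS = {"boarddata102.php", "boarddata103.php", "boarddatajp.php",
           "boarddatana.php", "boarddataww.php"}
# Heuristic: characters that can chain or substitute shell commands.
SHELL_META = re.compile(r"[;|&`\r\n]|\$\(")
# Source address, method, target and status from a common-log-format line.
REQUEST = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) '
                     r'HTTP/[\d.]+" (?P<status>\d{3})')

def classify(line):
    """Return a finding dict for requests to the listed scripts, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    script = url.path.rsplit("/", 1)[-1].lower()
    if script not in SCRIPTS:
        return None
    # parse_qsl decodes once; decode again to catch double-encoded characters.
    values = [unquote(v) for _, v in parse_qsl(url.query, keep_blank_values=True)]
    suspicious = any(SHELL_META.search(v) for v in values)
    # POST bodies are not in access logs, so any hit on these scripts is
    # at least "review" even when the query string looks clean.
    level = "high" if suspicious else "review"
    return {"src": m["src"], "method": m["method"], "script": script,
            "status": int(m["status"]), "level": level}

def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample lines (documentation addresses, placeholder paths/params).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "POST /boardDataWW.php HTTP/1.1" 200 98',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /boardDataNA.php?param=a%3Becho%20x HTTP/1.1" 200 98',
    '192.0.2.10 - - [01/Jan/2024:10:00:12 +0000] "GET /BOARDDATA102.PHP?param=00 HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A "review" finding with a 200 status on firmware older than the fixed versions listed above deserves the same follow-up as a "high" one, since the request body is not visible in the log.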