← Back to CVEs
CVE-2016-1555
CRITICALCISA KEV9.8
Description
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published4/21/2017
Last Modified10/22/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorNETGEAR
ProductWireless Access Point (WAP) Devices
Vulnerability NameNETGEAR Multiple WAP Devices Command Injection Vulnerability
KEV Date Added2022-03-25
Remediation Due Date2022-04-15
Ransomware UseUnknown
Affected Products
netgear:wn604netgear:wn604_firmwarenetgear:wn802tv2netgear:wn802tv2_firmwarenetgear:wnap320netgear:wnap320_firmwarenetgear:wndap210v2netgear:wndap210v2_firmwarenetgear:wndap350netgear:wndap350_firmwarenetgear:wndap360netgear:wndap360_firmwarenetgear:wndap660netgear:wndap660_firmware
Weaknesses (CWE)
CWE-77CWE-77
References
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html(cret@cert.org)
http://seclists.org/fulldisclosure/2016/Feb/112(cret@cert.org)
https://www.exploit-db.com/exploits/45909/(cret@cert.org)
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2016/Feb/112(af854a3a-2127-422b-91ae-364da2661108)
https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45909/(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-1555(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.