cvelistv5 - cve-2016-6277

CVE-2016-6277 (GCVE-0-2016-6277)

Vulnerability from cvelistv5

Published

2016-12-14 16:00

Modified

2025-10-21 23:55

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Summary

NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.

References

URL

Tags

	https://www.exploit-db.com/exploits/40889/	exploit, x_refsource_EXPLOIT-DB
	https://www.exploit-db.com/exploits/41598/	exploit, x_refsource_EXPLOIT-DB
	http://kb.netgear.com/000036386/CVE-2016-582384	x_refsource_CONFIRM
	http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/	x_refsource_MISC
	https://www.kb.cert.org/vuls/id/582384	third-party-advisory, x_refsource_CERT-VN
	http://www.securityfocus.com/bid/94819	vdb-entry, x_refsource_BID
	https://kalypto.org/research/netgear-vulnerability-expanded/	x_refsource_MISC
	http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-03-07

Due date: 2022-09-07

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-6277

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:22:20.753Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40889",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40889/"
          },
          {
            "name": "41598",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41598/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.netgear.com/000036386/CVE-2016-582384"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
          },
          {
            "name": "VU#582384",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/582384"
          },
          {
            "name": "94819",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94819"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2016-6277",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T20:58:09.940409Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-07",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-352",
                "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:47.695Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-07T00:00:00.000Z",
            "value": "CVE-2016-6277 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-17T17:06:02.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "40889",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40889/"
        },
        {
          "name": "41598",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41598/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.netgear.com/000036386/CVE-2016-582384"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
        },
        {
          "name": "VU#582384",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/582384"
        },
        {
          "name": "94819",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94819"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6277",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40889",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40889/"
            },
            {
              "name": "41598",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41598/"
            },
            {
              "name": "http://kb.netgear.com/000036386/CVE-2016-582384",
              "refsource": "CONFIRM",
              "url": "http://kb.netgear.com/000036386/CVE-2016-582384"
            },
            {
              "name": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/",
              "refsource": "MISC",
              "url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
            },
            {
              "name": "VU#582384",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/582384"
            },
            {
              "name": "94819",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94819"
            },
            {
              "name": "https://kalypto.org/research/netgear-vulnerability-expanded/",
              "refsource": "MISC",
              "url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
            },
            {
              "name": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6277",
    "datePublished": "2016-12-14T16:00:00.000Z",
    "dateReserved": "2016-07-22T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:47.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2016-6277",
      "cwes": "[\"CWE-352\"]",
      "dateAdded": "2022-03-07",
      "dueDate": "2022-09-07",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2016-6277",
      "product": "Multiple Routers",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.",
      "vendorProject": "NETGEAR",
      "vulnerabilityName": "NETGEAR Multiple Routers Remote Code Execution Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"name\": \"40889\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"name\": \"41598\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"name\": \"VU#582384\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"name\": \"94819\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T01:22:20.753Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-6277\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T20:58:09.940409Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-07\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-07T00:00:00.000Z\", \"value\": \"CVE-2016-6277 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-352\", \"description\": \"CWE-352 Cross-Site Request Forgery (CSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T20:58:12.981Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-12-07T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"name\": \"40889\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"name\": \"41598\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"name\": \"VU#582384\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"name\": \"94819\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2019-12-17T17:06:02.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"name\": \"40889\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"name\": \"41598\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"name\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"name\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"name\": \"VU#582384\", \"refsource\": \"CERT-VN\"}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"name\": \"94819\", \"refsource\": \"BID\"}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"name\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-6277\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2016-6277\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:47.695Z\", \"dateReserved\": \"2016-07-22T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2016-12-14T16:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2016-ALE-010

Vulnerability from certfr_alerte

Une vulnérabilité a été découverte dans les routeurs Netgear. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Description

Le 9 décembre 2016, Netgear a émis un avis de sécurité indiquant que plusieurs de ses routeurs étaient vulnérables à une injection de commande à distance.
Un attaquant non authentifié peut exploiter cette vulnérabilité à distance si l'utilisateur se rend sur un site piégé.
Cela lui permet alors d'exécuter des commandes arbitraires avec les privilèges les plus élevés (root).
A noter qu'un attaquant présent sur le réseau local peut directement exploiter cette vulnérabilité.

Depuis le 24 décembre 2016, un correctif de sécurité est disponible pour le micrologiciel de chaque modèle vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation)

None

Impacted products

Vendor	Product	Description
N/A	N/A	R6900
N/A	N/A	R7900
N/A	N/A	R8000
N/A	N/A	R6700
N/A	N/A	D6400
N/A	N/A	D6220
N/A	N/A	R6250
N/A	N/A	R7300DST
N/A	N/A	R7000
N/A	N/A	R7100LG
N/A	N/A	R6400

References

Title

Publication Time

Tags

Bulletin de sécurité Netgear du 09 décembre 2016	None	vendor-advisory
CERT Carnegie Mellon	-	other
Avis CERT-FR CERTFR-2016-AVI-430 Routeurs Netgear	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "R6900",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7900",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R8000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R6700",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "D6400",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "D6220",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R6250",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7300DST",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7100LG",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R6400",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2016-12-26",
  "content": "## Description\n\nLe 9 d\u00e9cembre 2016, Netgear a \u00e9mis un avis de s\u00e9curit\u00e9 indiquant que\nplusieurs de ses routeurs \u00e9taient vuln\u00e9rables \u00e0 une injection de\ncommande \u00e0 distance.  \nUn attaquant non authentifi\u00e9 peut exploiter cette vuln\u00e9rabilit\u00e9 \u00e0\ndistance si l\u0027utilisateur se rend sur un site pi\u00e9g\u00e9.  \nCela lui permet alors d\u0027ex\u00e9cuter des commandes arbitraires avec les\nprivil\u00e8ges les plus \u00e9lev\u00e9s (root).  \nA noter qu\u0027un attaquant pr\u00e9sent sur le r\u00e9seau local peut directement\nexploiter cette vuln\u00e9rabilit\u00e9.\n\nDepuis le 24 d\u00e9cembre 2016, un correctif de s\u00e9curit\u00e9 est disponible pour\nle micrologiciel de chaque mod\u00e8le vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation)\n",
  "cves": [
    {
      "name": "CVE-2016-582384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-582384"
    },
    {
      "name": "CVE-2016-6277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6277"
    }
  ],
  "initial_release_date": "2016-12-13T00:00:00",
  "last_revision_date": "2016-12-26T00:00:00",
  "links": [
    {
      "title": "CERT Carnegie Mellon",
      "url": "https://www.kb.cert.org/vuls/id/582384"
    },
    {
      "title": "Avis CERT-FR CERTFR-2016-AVI-430 Routeurs Netgear",
      "url": "http://www.cert.ssi.gouv.fr/site/CERTFR-2016-AVI-430/index.html"
    }
  ],
  "reference": "CERTFR-2016-ALE-010",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-12-13T00:00:00.000000"
    },
    {
      "description": "mise \u00e0 jour de la liste des syst\u00e8mes affect\u00e9s et cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2016-12-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nrouteurs Netgear\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance.  \n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les routeurs Netgear",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Netgear du 09 d\u00e9cembre 2016",
      "url": "http://kb.netgear.com/000036386/CVE-2016-582384"
    }
  ]
}

CERTFR-2016-AVI-430

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans les routeurs Netgear. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	R6900
N/A	N/A	R7900
N/A	N/A	R8000
N/A	N/A	R6700
N/A	N/A	D6400
N/A	N/A	D6220
N/A	N/A	R6250
N/A	N/A	R7300DST
N/A	N/A	R7000
N/A	N/A	R7100LG
N/A	N/A	R6400

References

Title

Publication Time

Tags

Bulletin de sécurité Netgear du 24 décembre 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "R6900",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7900",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R8000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R6700",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "D6400",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "D6220",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R6250",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7300DST",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R7100LG",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "R6400",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6277"
    },
    {
      "name": "CVE-2016-582384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-582384"
    }
  ],
  "initial_release_date": "2016-12-26T00:00:00",
  "last_revision_date": "2016-12-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2016-AVI-430",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-12-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eles routeurs\nNetgear\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les routeurs Netgear",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Netgear du 24 d\u00e9cembre 2016",
      "url": "http://kb.netgear.com/000036386/CVE-2016-582384"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-6277 (GCVE-0-2016-6277)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2016-ALE-010

Vulnerability from certfr_alerte

Description

Solution

CERTFR-2016-AVI-430

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature