cbcvebase.
CVE-2016-1555
published 2017-04-21

CVE-2016-1555: (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-04-15
Exploited in the wild
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

Affected

7 ranges
VendorProductVersion rangeFixed in
netgearwn604_firmware<= 3.3.2
netgearwn802tv2_firmware<= 3.0.5.0
netgearwnap320_firmware<= 3.0.5.0
netgearwndap210v2_firmware<= 3.0.5.0
netgearwndap350_firmware<= 3.0.5.0
netgearwndap360_firmware<= 3.0.5.0
netgearwndap660_firmware<= 3.0.5.0

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL
cisa9.8CRITICAL