Remote Command Execution Vulnerability in NETGEAR Routers
CVE-2016-6277
Key Information:
- Vendor
Netgear
- Vendor
- CVE Published:
- 14 December 2016
Badges
What is CVE-2016-6277?
NETGEAR routers, including multiple models such as R6250, R6400, and R7000, are susceptible to a vulnerability that enables remote attackers to execute arbitrary commands. This flaw is exploited by manipulating shell metacharacters in the path info sent to the cgi-bin, allowing unauthorized execution of commands from a remote location. Users are strongly advised to update their firmware to the latest version to mitigate this risk.
CISA has reported CVE-2016-6277
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2016-6277 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
94% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
- 🟡
Public PoC available
Vulnerability published
Vulnerability Reserved