CVE-2016-6277 Scanner
Detects 'Command Injection' vulnerability in NETGEAR Routers affects v. NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Toolbox
-
The NETGEAR routers are a popular choice for individual and business consumers alike, providing reliable and high-speed connectivity to the internet. These routers are used primarily for accessing the internet, managing network traffic and protecting sensitive data of end-users. With a secure setup, these routers allow easy access to online resources such as streaming services, online gaming platforms, and social media websites, while ensuring users' personal information stays protected.
However, a vulnerability identified as CVE-2016-6277 puts these routers and their users at risk. This vulnerability, present in models including R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, D6400, D7000 and potentially other devices, enables remote hackers to execute arbitrary commands via shell metacharacters present in the path information to cgi-bin/.
Exploitation of CVE-2016-6277 vulnerability can lead to penetration of private and sensitive areas within these routers, facilitating unauthorized access for cybercriminals and malicious activities such as data theft, modification, and destruction. The worst-case scenarios include remote control over the router, exploitation, and hacking of connected devices within the network, and even the creation of a botnet that may allow attackers to launch DDoS (Distributed Denial of Service) attacks.
Thanks to the pro features of the securityforeveryone.com platform, it's easy to learn about vulnerabilities in your digital assets. By keeping abreast of the latest threats and being proactive in adopting security measures, individuals and businesses can safeguard their digital assets from vulnerabilities such as CVE-2016-6277 and other security risks.
REFERENCES
- http://kb.netgear.com/000036386/CVE-2016-582384
- http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html
- http://www.securityfocus.com/bid/94819
- http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/
- https://kalypto.org/research/netgear-vulnerability-expanded/
- https://www.exploit-db.com/exploits/40889/
- https://www.exploit-db.com/exploits/41598/
- https://www.kb.cert.org/vuls/id/582384
control security posture