Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2016-10176
HistoryJan 30, 2017 - 4:24 a.m.

CVE-2016-10176

2017-01-3004:24:00
mitre
www.cve.org

9.9 High

AI Score

Confidence

High

0.296 Low

EPSS

Percentile

97.0%

JSON

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.

Related

cve 2
prion 2
nvd 2
checkpoint_advisories 1
cvelist 1
openvas 1
cve
cve
CVE-2016-10176
2017-01-30 04:59:00
CVE-2016-10175
2017-01-30 04:59:00
prion
prion
Remote code execution
2017-01-30 04:59:00
Design/Logic Flaw
2017-01-30 04:59:00
nvd
nvd
CVE-2016-10176
2017-01-30 04:59:00
CVE-2016-10175
2017-01-30 04:59:00
checkpoint_advisories
checkpoint_advisories
NETGEAR WNR2000 Authentication Bypass (CVE-2016-10176)
2018-05-24 00:00:00
cvelist
cvelist
CVE-2016-10175
2017-01-30 04:24:00
openvas
openvas
NETGEAR WNR2000 Router Multiple Vulnerabilities
2016-12-30 00:00:00

9.9 High

AI Score

Confidence

High

0.296 Low

EPSS

Percentile

97.0%

JSON
Related for CVELIST:CVE-2016-10176
cve2prion2nvd2checkpoint_advisories1cvelist1openvas1