Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2016-10176
HistoryJan 30, 2017 - 4:59 a.m.

Remote code execution

2017-01-3004:59:00
PRIOn knowledge base
www.prio-n.com
4

9.7 High

AI Score

Confidence

High

0.296 Low

EPSS

Percentile

97.0%

JSON

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.

CPENameOperatorVersion
wnr2000v5_firmwarele1.0.0.34

Related

cve 2
nvd 2
cvelist 2
checkpoint_advisories 1
prion 1
openvas 1
cve
cve
CVE-2016-10176
2017-01-30 04:59:00
CVE-2016-10175
2017-01-30 04:59:00
nvd
nvd
CVE-2016-10176
2017-01-30 04:59:00
CVE-2016-10175
2017-01-30 04:59:00
cvelist
cvelist
CVE-2016-10176
2017-01-30 04:24:00
CVE-2016-10175
2017-01-30 04:24:00
checkpoint_advisories
checkpoint_advisories
NETGEAR WNR2000 Authentication Bypass (CVE-2016-10176)
2018-05-24 00:00:00
prion
prion
Design/Logic Flaw
2017-01-30 04:59:00
openvas
openvas
NETGEAR WNR2000 Router Multiple Vulnerabilities
2016-12-30 00:00:00

9.7 High

AI Score

Confidence

High

0.296 Low

EPSS

Percentile

97.0%

JSON
Related for PRION:CVE-2016-10176
cve2nvd2cvelist2checkpoint_advisories1prion1openvas1