13 matches found
Netgear R6400 - Remote Code Execution
Netgear R6400 - Remote Code Execution Exploit Title: Netgear R6400 - Remote Code Execution Date: 2019-12-14 Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR =...
Netgear R6400 Remote Code Execution
Exploit Title: Netgear R6400 - Remote Code Execution Date: 2019-12-14 Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR = "192.168.1.1" PROTOCOL = "http://" DIRECTORY =...
Netgear R6400 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Netgear R6400 - Remote Code Execution Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR =...
Netgear R6400 - Remote Code Execution
Exploit Title: Netgear R6400 - Remote Code Execution Date: 2019-12-14 Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR = "192.168.1.1" PROTOCOL = "http://" DIRECTORY =...
Netgear R7000 and R6400 cgi-bin Command Injection (CVE-2016-6277)
A command injection vulnerability exists in Netgear R7000 and R6400. The vulnerability is due to insufficient input validation in the router's web administration. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...
Netgear R7000 / R6400 cgi-bin Command Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Netgear R7000 and R6400 cgi-bin Command Injection", 'Description' = %q This module exploits an arbitrary command injection...
Netgear R7000 / R6400 cgi-bin Command Injection Exploit
This Metasploit module exploits an arbitrary command injection vulnerability in Netgear R7000 and R6400 router firmware version 1.0.7.21.1.93 and possibly earlier. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework requir...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
CVE-2016-6277
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow...
CVE-2016-6277
CVE-2016-6277 affects Netgear routers (R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, D6400, D7000, and possibly others) where remote attackers could execute arbitrary commands via shell metacharacters in the path info to cgi-bin/. Root cause is unsanitized/crafted pat...
NETGEAR Routers RCE Vulnerability (CVE-2016-6277) - Active Check
Multiple Netgear routers are prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
Multiple Netgear routers are vulnerable to arbitrary command injection
Overview Netgear R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, and D6400 routers and possibly other models are vulnerable to arbitrary command injection. Description CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' , CWE-306:...
CVE-2016-6277
creationtimestamp| type| source ---|---|--- 2016-12-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40889 2017-03-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41598 2018-05-24 15:44:33+00:00| seen| MISP/5b06d57d-f2b8-4357-9038-45d39f590eb0 2018-05-29...