Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-582384 (GCVE-0-2016-582384)
Vulnerability from cvelistv5
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2016-12-14T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"rejectedReasons": [
{
"lang": "en",
"value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-582384",
"datePublished": "2016-12-14T16:00:00",
"dateRejected": "2016-12-14T21:57:01",
"dateReserved": "2016-12-14T00:00:00",
"dateUpdated": "2016-12-14T21:57:01",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-582384\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-12-14T16:59:00.177\",\"lastModified\":\"2023-11-07T02:32:52.900\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage\"}],\"metrics\":{},\"references\":[]}}"
}
}
gsd-2016-582384
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-582384",
"description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"id": "GSD-2016-582384"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-582384"
],
"details": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.",
"id": "GSD-2016-582384",
"modified": "2023-12-13T01:21:26.103081Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-582384",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
}
}
var-201612-0228
Vulnerability from variot
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Netgear R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, and D6400 routers and possibly other models are vulnerable to arbitrary command injection. Multiple Netgear Routers are prone to a remote command-injection vulnerability. Successfully exploiting this issue may allow an attacker to inject and execute arbitrary commands in the context of the affected device. Netgear R6400 running firmware version 1.0.1.6_1.0.4 and prior. Netgear R8000 running firmware version 1.0.3.4_1.1.2. Security flaws exist in several NETGEAR routing products. An attacker can exploit this vulnerability to execute arbitrary code with the help of shell metacharacters
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201612-0228",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": "r8000 1.0.3.4 1.1.2",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "r7000 1.0.7.2 1.1.93",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"model": "r6400 1.0.1.6 1.0.4",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "BID",
"id": "94819"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chad Dougherty",
"sources": [
{
"db": "BID",
"id": "94819"
}
],
"trust": 0.3
},
"cve": "CVE-2016-582384",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.3,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.0,
"exploitability": "HIGH",
"exploitabilityScore": 8.6,
"id": "CVE-2016-6277",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-95097",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6277",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-95097",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "VULHUB",
"id": "VHN-95097"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Netgear R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, and D6400 routers and possibly other models are vulnerable to arbitrary command injection. Multiple Netgear Routers are prone to a remote command-injection vulnerability. \nSuccessfully exploiting this issue may allow an attacker to inject and execute arbitrary commands in the context of the affected device. \nNetgear R6400 running firmware version 1.0.1.6_1.0.4 and prior. \nNetgear R8000 running firmware version 1.0.3.4_1.1.2. Security flaws exist in several NETGEAR routing products. An attacker can exploit this vulnerability to execute arbitrary code with the help of shell metacharacters",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-582384"
},
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "BID",
"id": "94819"
},
{
"db": "VULHUB",
"id": "VHN-94643"
},
{
"db": "VULHUB",
"id": "VHN-95097"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/582384",
"trust": 0.8,
"type": "unknown"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-95097",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "VULHUB",
"id": "VHN-95097"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-582384",
"trust": 2.3
},
{
"db": "CERT/CC",
"id": "VU#582384",
"trust": 1.2
},
{
"db": "EXPLOIT-DB",
"id": "40889",
"trust": 0.9
},
{
"db": "BID",
"id": "94819",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-94643",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "41598",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155712",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141585",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92571",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201612-432",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-95097",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "VULHUB",
"id": "VHN-94643"
},
{
"db": "VULHUB",
"id": "VHN-95097"
},
{
"db": "BID",
"id": "94819"
},
{
"db": "NVD",
"id": "CVE-2016-582384"
}
]
},
"id": "VAR-201612-0228",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-94643"
},
{
"db": "VULHUB",
"id": "VHN-95097"
}
],
"trust": 1.012499975
},
"last_update_date": "2024-09-09T23:07:10.052000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95097"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://kb.netgear.com/000036386/cve-2016-582384"
},
{
"trust": 0.9,
"url": "https://www.exploit-db.com/exploits/40889/"
},
{
"trust": 0.9,
"url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
},
{
"trust": 0.9,
"url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.4,
"url": "http://www.kb.cert.org/vuls/id/582384"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/94819"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/41598/"
},
{
"trust": 0.1,
"url": "http://packetstormsecurity.com/files/155712/netgear-r6400-remote-code-execution.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "VULHUB",
"id": "VHN-95097"
},
{
"db": "BID",
"id": "94819"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#582384"
},
{
"db": "VULHUB",
"id": "VHN-94643"
},
{
"db": "VULHUB",
"id": "VHN-95097"
},
{
"db": "BID",
"id": "94819"
},
{
"db": "NVD",
"id": "CVE-2016-582384"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-09T00:00:00",
"db": "CERT/CC",
"id": "VU#582384"
},
{
"date": "2016-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-94643"
},
{
"date": "2016-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-95097"
},
{
"date": "2016-12-09T00:00:00",
"db": "BID",
"id": "94819"
},
{
"date": "2016-12-14T16:59:00.177000",
"db": "NVD",
"id": "CVE-2016-582384"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-03T00:00:00",
"db": "CERT/CC",
"id": "VU#582384"
},
{
"date": "2016-12-16T00:00:00",
"db": "VULHUB",
"id": "VHN-94643"
},
{
"date": "2017-08-16T00:00:00",
"db": "VULHUB",
"id": "VHN-95097"
},
{
"date": "2017-01-12T01:04:00",
"db": "BID",
"id": "94819"
},
{
"date": "2023-11-07T02:32:52.900000",
"db": "NVD",
"id": "CVE-2016-582384"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "94819"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Netgear routers are vulnerable to arbitrary command injection",
"sources": [
{
"db": "CERT/CC",
"id": "VU#582384"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "94819"
}
],
"trust": 0.3
}
}
CERTFR-2016-ALE-010
Vulnerability from certfr_alerte
Une vulnérabilité a été découverte dans les routeurs Netgear. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Description
Le 9 décembre 2016, Netgear a émis un avis de sécurité indiquant que
plusieurs de ses routeurs étaient vulnérables à une injection de
commande à distance.
Un attaquant non authentifié peut exploiter cette vulnérabilité à
distance si l'utilisateur se rend sur un site piégé.
Cela lui permet alors d'exécuter des commandes arbitraires avec les
privilèges les plus élevés (root).
A noter qu'un attaquant présent sur le réseau local peut directement
exploiter cette vulnérabilité.
Depuis le 24 décembre 2016, un correctif de sécurité est disponible pour le micrologiciel de chaque modèle vulnérable.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation)
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "R6900",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7900",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R8000",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R6700",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "D6400",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "D6220",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R6250",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7300DST",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7000",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7100LG",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R6400",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2016-12-26",
"content": "## Description\n\nLe 9 d\u00e9cembre 2016, Netgear a \u00e9mis un avis de s\u00e9curit\u00e9 indiquant que\nplusieurs de ses routeurs \u00e9taient vuln\u00e9rables \u00e0 une injection de\ncommande \u00e0 distance. \nUn attaquant non authentifi\u00e9 peut exploiter cette vuln\u00e9rabilit\u00e9 \u00e0\ndistance si l\u0027utilisateur se rend sur un site pi\u00e9g\u00e9. \nCela lui permet alors d\u0027ex\u00e9cuter des commandes arbitraires avec les\nprivil\u00e8ges les plus \u00e9lev\u00e9s (root). \nA noter qu\u0027un attaquant pr\u00e9sent sur le r\u00e9seau local peut directement\nexploiter cette vuln\u00e9rabilit\u00e9.\n\nDepuis le 24 d\u00e9cembre 2016, un correctif de s\u00e9curit\u00e9 est disponible pour\nle micrologiciel de chaque mod\u00e8le vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation)\n",
"cves": [
{
"name": "CVE-2016-582384",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-582384"
},
{
"name": "CVE-2016-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6277"
}
],
"initial_release_date": "2016-12-13T00:00:00",
"last_revision_date": "2016-12-26T00:00:00",
"links": [
{
"title": "CERT Carnegie Mellon",
"url": "https://www.kb.cert.org/vuls/id/582384"
},
{
"title": "Avis CERT-FR CERTFR-2016-AVI-430 Routeurs Netgear",
"url": "http://www.cert.ssi.gouv.fr/site/CERTFR-2016-AVI-430/index.html"
}
],
"reference": "CERTFR-2016-ALE-010",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-12-13T00:00:00.000000"
},
{
"description": "mise \u00e0 jour de la liste des syst\u00e8mes affect\u00e9s et cl\u00f4ture de l\u0027alerte.",
"revision_date": "2016-12-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nrouteurs Netgear\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance. \n",
"title": "Vuln\u00e9rabilit\u00e9 dans les routeurs Netgear",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Netgear du 09 d\u00e9cembre 2016",
"url": "http://kb.netgear.com/000036386/CVE-2016-582384"
}
]
}
CERTFR-2016-AVI-430
Vulnerability from certfr_avis
Une vulnérabilité a été corrigée dans les routeurs Netgear. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "R6900",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7900",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R8000",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R6700",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "D6400",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "D6220",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R6250",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7300DST",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7000",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R7100LG",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "R6400",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6277"
},
{
"name": "CVE-2016-582384",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-582384"
}
],
"initial_release_date": "2016-12-26T00:00:00",
"last_revision_date": "2016-12-26T00:00:00",
"links": [],
"reference": "CERTFR-2016-AVI-430",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-12-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eles routeurs\nNetgear\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les routeurs Netgear",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Netgear du 24 d\u00e9cembre 2016",
"url": "http://kb.netgear.com/000036386/CVE-2016-582384"
}
]
}
fkie_cve-2016-582384
Vulnerability from fkie_nvd
Published
2016-12-14 16:59
Modified
2023-11-07 02:32
Severity ?
Summary
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
References
| URL | Tags |
|---|
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6277. Reason: This candidate was withdrawn by its CNA. Notes: All CVE users should reference CVE-2016-6277 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
}
],
"id": "CVE-2016-582384",
"lastModified": "2023-11-07T02:32:52.900",
"metrics": {},
"published": "2016-12-14T16:59:00.177",
"references": [],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Rejected"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…