CVE-2016-6277 (GCVE-0-2016-6277)
Vulnerability from cvelistv5 – Published: 2016-12-14 16:00 – Updated: 2025-10-21 23:55- n/a
- CWE-352 - Cross-Site Request Forgery (CSRF)
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/40889/ | exploitx_refsource_EXPLOIT-DB |
| https://www.exploit-db.com/exploits/41598/ | exploitx_refsource_EXPLOIT-DB |
| http://kb.netgear.com/000036386/CVE-2016-582384 | x_refsource_CONFIRM |
| http://www.sj-vs.net/a-temporary-fix-for-cert-vu5… | x_refsource_MISC |
| https://www.kb.cert.org/vuls/id/582384 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/bid/94819 | vdb-entryx_refsource_BID |
| https://kalypto.org/research/netgear-vulnerabilit… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155712/Netge… | x_refsource_MISC |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-352 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Multiple Routers |
| Due Date | 2022-09-07 |
| Date Added | 2022-03-07 |
| Vendorproject | NETGEAR |
| Vulnerabilityname | NETGEAR Multiple Routers Remote Code Execution Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Shadowserver
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Characteristics
Timestamps
Scope
Evidence
Type: Honeypot
Signal: In The Wild Attempts
Confidence: 70%
Source: shadowserver
Details
| 1D | 88 |
|---|---|
| Iot | yes |
| Feed | Shadowserver Foundation honeypot/exploited-vulnerabilities |
| Type | http-scan |
| Class | router |
| 7D Avg | 98 |
| Vendor | Netgear |
| 30D Avg | 86 |
| 90D Avg | 91 |
| Product | NETGEAR R/D Series Routers |
| Cisa Kev | yes |
| Connections | 88 |
| Observation Date | 2026-07-05 |
| Vulnerability Class | CVSS |
| Vulnerability Score | 8.8 |
| Vulnerability Severity | High |
References
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before... |
| Vendor | NETGEAR |
| Product | Routers |
| Added Date | 2022-03-07T00:00:00.000Z |
| Cvss Score | 8.8 |
| Epss Score | 0.99781 |
| Cvss Severity | HIGH |
| Epss Percentile | 0.99955 |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | False |
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40889",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40889/"
},
{
"name": "41598",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41598/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.netgear.com/000036386/CVE-2016-582384"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
},
{
"name": "VU#582384",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/582384"
},
{
"name": "94819",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94819"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2016-6277",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T20:58:09.940409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:55:47.695Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-07T00:00:00.000Z",
"value": "CVE-2016-6277 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T17:06:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "40889",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40889/"
},
{
"name": "41598",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41598/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.netgear.com/000036386/CVE-2016-582384"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
},
{
"name": "VU#582384",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/582384"
},
{
"name": "94819",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94819"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40889",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40889/"
},
{
"name": "41598",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41598/"
},
{
"name": "http://kb.netgear.com/000036386/CVE-2016-582384",
"refsource": "CONFIRM",
"url": "http://kb.netgear.com/000036386/CVE-2016-582384"
},
{
"name": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/",
"refsource": "MISC",
"url": "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/"
},
{
"name": "VU#582384",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/582384"
},
{
"name": "94819",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94819"
},
{
"name": "https://kalypto.org/research/netgear-vulnerability-expanded/",
"refsource": "MISC",
"url": "https://kalypto.org/research/netgear-vulnerability-expanded/"
},
{
"name": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6277",
"datePublished": "2016-12-14T16:00:00.000Z",
"dateReserved": "2016-07-22T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:55:47.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2016-6277",
"cwes": "[\"CWE-352\"]",
"dateAdded": "2022-03-07",
"dueDate": "2022-09-07",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2016-6277",
"product": "Multiple Routers",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.",
"vendorProject": "NETGEAR",
"vulnerabilityName": "NETGEAR Multiple Routers Remote Code Execution Vulnerability"
},
"epss": {
"cve": "CVE-2016-6277",
"date": "2026-07-07",
"epss": "0.99781",
"percentile": "0.99955"
},
"fkie_nvd": {
"cisaActionDue": "2022-09-07",
"cisaExploitAdd": "2022-03-07",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "NETGEAR Multiple Routers Remote Code Execution Vulnerability",
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.0.22\", \"matchCriteriaId\": \"DAF7A31E-C1DC-4E58-88EE-FA3A9789019F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3EEA190-2E9C-4586-BF81-B115532FBA23\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.0.56\", \"matchCriteriaId\": \"A08DA055-1A32-43BE-ABF8-42749B128C5E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D30939B-86E3-4C78-9B05-686B4994C8B9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.4.6_10.1.12\", \"matchCriteriaId\": \"6C6FED5E-959B-403B-8770-BE16123ACDB3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"321BE843-52C4-4638-A321-439CA7B3A6F2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.1.18\", \"matchCriteriaId\": \"1788A7DF-F29A-4A71-BDC8-8CAAB37F59A9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E4CDF6B-3829-44D0-9675-71D7BE83CAA2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.1.14\", \"matchCriteriaId\": \"55F9D994-3ACD-4608-84D4-070576FD23EF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21B27F11-4262-4CE1-8107-B365A7C152F2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.1.14\", \"matchCriteriaId\": \"F990A820-178D-4353-8C9A-D575A41A1C69\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0794BB7C-1BCF-4F08-8EB2-9C3B150C105A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.7.2_1.1.93\", \"matchCriteriaId\": \"1BE6F59B-4520-40E4-8E59-0EB72844297F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9F86FF6-AB32-4E51-856A-DDE790C0A9A6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.0.28\", \"matchCriteriaId\": \"D4B29972-7657-41E4-AB1D-F2183479927E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"366FA778-3C2A-42AF-9141-DAD7043B406C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.0.46\", \"matchCriteriaId\": \"103B8B8E-A5C1-4717-BA09-6E9C3B784BBE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C75148EB-DE6C-4C5C-BF34-4800A66CF11C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.1.8\", \"matchCriteriaId\": \"748C0BC1-A42B-41BA-AD88-116C160EBE8B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C484840F-AF30-4B5C-821A-4DB9BE407BDB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.3.26\", \"matchCriteriaId\": \"192A2E30-17D1-4DB4-892C-E15CB32BDA25\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B39F095-8FE8-43FD-A866-7B613B495984\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.\"}, {\"lang\": \"es\", \"value\": \"NETGEAR R6250 en versiones anteriores a 1.0.4.6.Beta, R6400 en versiones anteriores a 1.0.1.18.Beta, R6700 en versiones anteriores a 1.0.1.14.Beta, R6900, R7000 en versiones anteriores a 1.0.7.6.Beta, R7100LG en versiones anteriores a 1.0.0.28.Beta, R7300DST en versiones anteriores a 1.0.0.46.Beta, R7900 en versiones anteriores a 1.0.1.8.Beta, R8000 en versiones anteriores a 1.0.3.26.Beta, D6220, D6400, D7000 y posiblemente otros routers permiten a atacantes remotos ejecutar comandos a trav\\u00e9s de metacaract\\u00e9res shell en la ruta info a cgi-bin/.\"}]",
"id": "CVE-2016-6277",
"lastModified": "2024-11-21T02:55:48.300",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2016-12-14T16:59:00.350",
"references": "[{\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-6277\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-12-14T16:59:00.350\",\"lastModified\":\"2026-04-21T16:23:17.020\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.\"},{\"lang\":\"es\",\"value\":\"NETGEAR R6250 en versiones anteriores a 1.0.4.6.Beta, R6400 en versiones anteriores a 1.0.1.18.Beta, R6700 en versiones anteriores a 1.0.1.14.Beta, R6900, R7000 en versiones anteriores a 1.0.7.6.Beta, R7100LG en versiones anteriores a 1.0.0.28.Beta, R7300DST en versiones anteriores a 1.0.0.46.Beta, R7900 en versiones anteriores a 1.0.1.8.Beta, R8000 en versiones anteriores a 1.0.3.26.Beta, D6220, D6400, D7000 y posiblemente otros routers permiten a atacantes remotos ejecutar comandos a trav\u00e9s de metacaract\u00e9res shell en la ruta info a cgi-bin/.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-03-07\",\"cisaActionDue\":\"2022-09-07\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"NETGEAR Multiple Routers Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.0.22\",\"matchCriteriaId\":\"DAF7A31E-C1DC-4E58-88EE-FA3A9789019F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EEA190-2E9C-4586-BF81-B115532FBA23\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.0.56\",\"matchCriteriaId\":\"A08DA055-1A32-43BE-ABF8-42749B128C5E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D30939B-86E3-4C78-9B05-686B4994C8B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.4.6_10.1.12\",\"matchCriteriaId\":\"6C6FED5E-959B-403B-8770-BE16123ACDB3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"321BE843-52C4-4638-A321-439CA7B3A6F2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1.18\",\"matchCriteriaId\":\"1788A7DF-F29A-4A71-BDC8-8CAAB37F59A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E4CDF6B-3829-44D0-9675-71D7BE83CAA2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1.14\",\"matchCriteriaId\":\"55F9D994-3ACD-4608-84D4-070576FD23EF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21B27F11-4262-4CE1-8107-B365A7C152F2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1.14\",\"matchCriteriaId\":\"F990A820-178D-4353-8C9A-D575A41A1C69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0794BB7C-1BCF-4F08-8EB2-9C3B150C105A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.7.2_1.1.93\",\"matchCriteriaId\":\"1BE6F59B-4520-40E4-8E59-0EB72844297F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F86FF6-AB32-4E51-856A-DDE790C0A9A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.0.28\",\"matchCriteriaId\":\"D4B29972-7657-41E4-AB1D-F2183479927E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"366FA778-3C2A-42AF-9141-DAD7043B406C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.0.46\",\"matchCriteriaId\":\"103B8B8E-A5C1-4717-BA09-6E9C3B784BBE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75148EB-DE6C-4C5C-BF34-4800A66CF11C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1.8\",\"matchCriteriaId\":\"748C0BC1-A42B-41BA-AD88-116C160EBE8B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C484840F-AF30-4B5C-821A-4DB9BE407BDB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.3.26\",\"matchCriteriaId\":\"192A2E30-17D1-4DB4-892C-E15CB32BDA25\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B39F095-8FE8-43FD-A866-7B613B495984\"}]}]}],\"references\":[{\"url\":\"http://kb.netgear.com/000036386/CVE-2016-582384\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/94819\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://kalypto.org/research/netgear-vulnerability-expanded/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/40889/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/41598/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/582384\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://kb.netgear.com/000036386/CVE-2016-582384\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/94819\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://kalypto.org/research/netgear-vulnerability-expanded/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/40889/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/41598/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/582384\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"name\": \"40889\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"name\": \"41598\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"name\": \"VU#582384\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"name\": \"94819\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T01:22:20.753Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-6277\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T20:58:09.940409Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-07\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-07T00:00:00.000Z\", \"value\": \"CVE-2016-6277 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6277\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-352\", \"description\": \"CWE-352 Cross-Site Request Forgery (CSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T20:58:12.981Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-12-07T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"name\": \"40889\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"name\": \"41598\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"name\": \"VU#582384\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"name\": \"94819\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2019-12-17T17:06:02.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.exploit-db.com/exploits/40889/\", \"name\": \"40889\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://www.exploit-db.com/exploits/41598/\", \"name\": \"41598\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"name\": \"http://kb.netgear.com/000036386/CVE-2016-582384\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"name\": \"http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/582384\", \"name\": \"VU#582384\", \"refsource\": \"CERT-VN\"}, {\"url\": \"http://www.securityfocus.com/bid/94819\", \"name\": \"94819\", \"refsource\": \"BID\"}, {\"url\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"name\": \"https://kalypto.org/research/netgear-vulnerability-expanded/\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-6277\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2016-6277\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:47.695Z\", \"dateReserved\": \"2016-07-22T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2016-12-14T16:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.