The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
Configuration 19 (hide)
| AND |
|
Configuration 20 (hide)
| AND |
|
Configuration 21 (hide)
| AND |
|
Configuration 22 (hide)
| AND |
|
Configuration 23 (hide)
| AND |
|
Configuration 24 (hide)
| AND |
|
Configuration 25 (hide)
| AND |
|
Configuration 26 (hide)
| AND |
|
Configuration 27 (hide)
| AND |
|
Configuration 28 (hide)
| AND |
|
History
21 Nov 2024, 02:43
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability - Vendor Advisory | |
| References | () http://seclists.org/fulldisclosure/2016/Dec/72 - Exploit, Mailing List, Third Party Advisory, VDB Entry | |
| References | () http://www.securityfocus.com/bid/95867 - Broken Link, Third Party Advisory, VDB Entry | |
| References | () https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txt - Exploit, Technical Description, Third Party Advisory | |
| References | () https://www.exploit-db.com/exploits/40949/ - Exploit, Third Party Advisory, VDB Entry | |
| References | () https://www.exploit-db.com/exploits/41719/ - Exploit, Third Party Advisory, VDB Entry |
16 Jul 2024, 17:58
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Netgear wndr4700
Netgear d6100 Netgear wnr2020 Firmware Netgear r7500v2 Firmware Netgear r6220 Firmware Netgear wndr3800 Netgear wnr1000v4 Firmware Netgear wnr1000v4 Netgear wndr3700v4 Firmware Netgear d7800 Netgear wnr2000v4 Firmware Netgear wnr618 Firmware Netgear r2000 Netgear wnr2500 Netgear d7000 Firmware Netgear d7800 Firmware Netgear wndr4500v3 Netgear wnr2050 Netgear wnr2500 Firmware Netgear wnr2200 Netgear jnr3300 Firmware Netgear jnr1010v2 Firmware Netgear d7000 Netgear wnr618 Netgear jnr3300 Netgear wnr2000v3 Netgear wndr3800 Firmware Netgear jwnr2010v5 Netgear wnr614 Firmware Netgear wndr4300v2 Firmware Netgear d6100 Firmware Netgear wnr1000v2 Netgear wnr614 Netgear r7500 Netgear wndr4300v2 Netgear wndr4700 Firmware Netgear wnr2050 Firmware Netgear r7500 Firmware Netgear r6100 Netgear wndr3700v4 Netgear r2000 Firmware Netgear jwnr2010v5 Firmware Netgear wndr4500v3 Firmware Netgear r6100 Firmware Netgear wnr2200 Firmware Netgear wnr2020 Netgear wndr4300 Netgear wnr1000v2 Firmware Netgear wnr2000v3 Firmware Netgear wnr2000v4 Netgear wndr4300 Firmware Netgear jnr1010v2 Netgear r7500v2 Netgear r6220 |
|
| CWE | CWE-120 | |
| CPE | cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7000_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr3700v4:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2000v3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7500_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr2000v3:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:jwnr2010v5:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7800_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr1000v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr3800_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr3700v4_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:jwnr2010v5_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr1000v4:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:jnr1010v2:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7500v2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:jnr3300_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr4300v2:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2050_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr2200:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr4700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr618_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr1000v2_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr3800:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6100_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr2000v4:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r2000_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r2000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:d6100_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr1000v4_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr4300v2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2020_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr4500v3:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr4500v3_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr618:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:jnr1010v2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr4300_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:jnr3300:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6220_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr2500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wnr614:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2000v4_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr2200_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr4700:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr614_firmware:-:*:*:*:*:*:*:* |
|
| References | () http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability - Vendor Advisory | |
| References | () http://seclists.org/fulldisclosure/2016/Dec/72 - Exploit, Mailing List, Third Party Advisory, VDB Entry | |
| References | () http://www.securityfocus.com/bid/95867 - Broken Link, Third Party Advisory, VDB Entry | |
| References | () https://www.exploit-db.com/exploits/40949/ - Exploit, Third Party Advisory, VDB Entry | |
| References | () https://www.exploit-db.com/exploits/41719/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2017-01-30 04:59
Updated : 2025-04-20 01:37
NVD link : CVE-2016-10174
Mitre link : CVE-2016-10174
CVE.ORG link : CVE-2016-10174
JSON object : View
Products Affected
netgear
- d6100
- jwnr2010v5
- wnr2050_firmware
- jwnr2010v5_firmware
- r6220_firmware
- wnr1000v2
- jnr1010v2_firmware
- wnr1000v2_firmware
- r2000_firmware
- wnr2000v5_firmware
- wndr4300
- r6100_firmware
- wnr618_firmware
- wnr2500
- wnr2200
- r7500v2
- wndr4500v3_firmware
- r7500
- wnr1000v4_firmware
- wndr3700v4_firmware
- wndr4500v3
- wnr2020_firmware
- d7000_firmware
- wnr2000v4_firmware
- wndr4300v2
- wnr2020
- d6100_firmware
- r2000
- r7500_firmware
- wnr1000v4
- wndr3800
- wnr2500_firmware
- wnr2000v3
- r6100
- wnr2200_firmware
- wndr4700
- wnr2000v3_firmware
- wndr3800_firmware
- wnr2000v5
- jnr3300
- wndr4700_firmware
- wnr2000v4
- wnr614_firmware
- wnr618
- wnr2050
- wndr4300v2_firmware
- jnr1010v2
- wnr614
- d7000
- d7800
- jnr3300_firmware
- d7800_firmware
- r7500v2_firmware
- wndr3700v4
- wndr4300_firmware
- r6220
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')