CVE-2016-11055: CSRF
First published: Tue Apr 28 2020(Updated: )
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear Cm400 Firmware | <2017-01-11 | |
| Netgear Cm400 | ||
| Netgear Cm600 Firmware | <2017-01-11 | |
| Netgear Cm600 | ||
| Netgear D1500 Firmware | <1.0.0.20 | |
| Netgear D1500 | ||
| Netgear D500 Firmware | <2017-01-11 | |
| Netgear D500 | ||
| Netgear Dst6501 Firmware | <1.0.0.36 | |
| Netgear Dst6501 | ||
| Netgear Jnr1010 Firmware | <2017-01-11 | |
| NETGEAR JNR1010 | =v1 | |
| Netgear Jwnr2000t Firmware | <2017-01-11 | |
| Netgear Jwnr2000t | =v3 | |
| Netgear Jwnr2010 Firmware | <2017-01-11 | |
| Netgear Jwnr2010 | =v3 | |
| Netgear Plw1000 Firmware | <1.0.0.22 | |
| Netgear Plw1000 | ||
| Netgear Plw1010 Firmware | <2017-01-11 | |
| Netgear Plw1010 | ||
| Netgear Wnr500 Firmware | <2017-01-11 | |
| Netgear Wnr500 | ||
| Netgear Wnr612 Firmware | <2017-01-11 | |
| Netgear Wnr612 | =v3 | |
| Netgear N450 Cg3000d Firmware | <2017-01-11 | |
| Netgear N450 Cg3000d | =v2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2016-11055?
CVE-2016-11055 is a vulnerability that affects certain NETGEAR devices and allows for CSRF attacks.
Which devices are affected by CVE-2016-11055?
The following NETGEAR devices are affected by CVE-2016-11055: CM400, CM600, D1500, D500, DST6501, JNR1010v1, JWNR2000Tv3, JWNR2010v3, PLW1000.
What is the severity of CVE-2016-11055?
CVE-2016-11055 has a severity rating of medium, with a CVSS score of 4.3.
How can I fix CVE-2016-11055?
To fix CVE-2016-11055, it is recommended to update the affected NETGEAR devices to the latest firmware version.
Where can I find more information about CVE-2016-11055?
You can find more information about CVE-2016-11055 on the NETGEAR Product Vulnerability Advisory page at the following link: [NETGEAR Product Vulnerability Advisory CSRF LocalFile XSS](https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS)
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/netgear
- canonical/netgear cm400 firmware
- canonical/netgear cm400
- canonical/netgear cm600 firmware
- canonical/netgear cm600
- canonical/netgear d1500 firmware
- canonical/netgear d1500
- canonical/netgear d500 firmware
- canonical/netgear d500
- canonical/netgear dst6501 firmware
- canonical/netgear dst6501
- canonical/netgear jnr1010 firmware
- canonical/netgear jnr1010
- version/netgear jnr1010/v1
- canonical/netgear jwnr2000t firmware
- canonical/netgear jwnr2000t
- version/netgear jwnr2000t/v3
- canonical/netgear jwnr2010 firmware
- canonical/netgear jwnr2010
- version/netgear jwnr2010/v3
- canonical/netgear plw1000 firmware
- canonical/netgear plw1000
- canonical/netgear plw1010 firmware
- canonical/netgear plw1010
- canonical/netgear wnr500 firmware
- canonical/netgear wnr500
- canonical/netgear wnr612 firmware
- canonical/netgear wnr612
- version/netgear wnr612/v3
- canonical/netgear n450 cg3000d firmware
- canonical/netgear n450 cg3000d
- version/netgear n450 cg3000d/v2