Exploited
critical
10
CWE
77
Advisory Published
Updated

CVE-2016-1555: NETGEAR Multiple WAP Devices Command Injection Vulnerability

First published: Fri Apr 21 2017(Updated: )

(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

Credit: cret@cert.org cret@cert.org

Affected SoftwareAffected VersionHow to fix
NETGEAR Wireless Access Point (WAP) Devices
All of
NETGEAR WNAP320 firmware<=3.0.5.0
Netgear WNAP320 firmware
All of
Netgear WNDAP350 Firmware<=3.0.5.0
NETGEAR WNDAP350
All of
NETGEAR WNDAP360<=3.0.5.0
NETGEAR WNDAP360 firmware
All of
Netgear WNDAP210v2<=3.0.5.0
Netgear WNDAP210v2 Firmware
All of
NETGEAR WN604 firmware<=3.3.2
Netgear WN604
All of
NETGEAR WNDAP660<=3.0.5.0
NETGEAR WNDAP660 firmware
All of
Netgear WN802Tv2 firmware<=3.0.5.0
Netgear WN802T
NETGEAR WNAP320 firmware<=3.0.5.0
Netgear WNAP320 firmware
Netgear WNDAP350 Firmware<=3.0.5.0
NETGEAR WNDAP350
NETGEAR WNDAP360<=3.0.5.0
NETGEAR WNDAP360 firmware
Netgear WNDAP210v2<=3.0.5.0
Netgear WNDAP210v2 Firmware
NETGEAR WN604 firmware<=3.3.2
Netgear WN604
NETGEAR WNDAP660<=3.0.5.0
NETGEAR WNDAP660 firmware
Netgear WN802Tv2 firmware<=3.0.5.0
Netgear WN802T
All of
<=3.0.5.0
All of
<=3.0.5.0
All of
<=3.0.5.0
All of
<=3.0.5.0
All of
<=3.3.2
All of
<=3.0.5.0
All of
<=3.0.5.0

Remedy

https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2016-1555?

    CVE-2016-1555 has a high severity rating due to its remote command execution vulnerability.

  • How do I fix CVE-2016-1555?

    To fix CVE-2016-1555, update the affected Netgear devices to firmware version 3.3.3 or later.

  • What devices are affected by CVE-2016-1555?

    CVE-2016-1555 affects various Netgear Wireless Access Point devices, including WN604, WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660.

  • Can CVE-2016-1555 lead to full system compromise?

    Yes, CVE-2016-1555 can allow remote attackers to execute arbitrary commands, potentially leading to full system compromise.

  • Is CVE-2016-1555 related to any other vulnerabilities?

    CVE-2016-1555 is noted for being part of a broader category of remote command execution vulnerabilities in network devices.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203