CVE-2016-6277 — NETGEAR Multiple Routers Remote Code Execution Vulnerability
2022-03-07 • CISA Known Exploited Vulnerability
[event] NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | NETGEAR |
| Product | Multiple Routers |
| CWE | CWE-352 |
| CVE ID | CVE-2016-6277 |
| Date Added | 2022-03-07 |
| Due Date | 2022-09-07 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-09-07