CVE-2016-11022
HIGH
Netgear Prosafe WC9500 Firmware - OS Command Injection
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.
References (3)
Core References
Third Party Advisory x_refsource_misc
https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/
Exploit, Third Party Advisory x_refsource_misc
http://firmware.re/vulns/acsa-2015-002.php
Exploit, Third Party Advisory x_refsource_misc
https://github.com/threat9/routersploit/blob/master/routersploit/modules/exploits/routers/netgear/prosafe_rce.py
Scores
CVSS v3
7.2
EPSS
0.0373
EPSS Percentile
88.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (3)
netgear/prosafe_wc7520_firmware
2.5.0.35
netgear/prosafe_wc7600_firmware
5.1.0.17
netgear/prosafe_wc9500_firmware
5.1.0.17
Published
Mar 23, 2020
Tracked Since
Feb 18, 2026