Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2016/Feb/112 | Mailing List Third Party Advisory |
https://kb.netgear.com/30481/CVE-2016-1556-Notification?cid=wmt_netgear_organic | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
No history.
Information
Published : 2017-04-21 15:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-1556
Mitre link : CVE-2016-1556
CVE.ORG link : CVE-2016-1556
JSON object : View
Products Affected
netgear
- wnap320_firmware
- wnd930
- wndap360_firmware
- wndap350_firmware
- wnap320
- wndap360
- wndap210v2
- wndap210v2_firmware
- wn604_firmware
- wn604
- wndap350
- wnd930_firmware
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor