Netgear R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, and D6400 routers and possibly other models are vulnerable to arbitrary command injection.
R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 contain an unauthenticated command injection vulnerability that may be executed directly or via cross-domain requests. Known affected firmware versions include Netgear R7000 version 184.108.40.206_1.1.93, R6400 version 220.127.116.11_1.0.11, and R8000 version 18.104.22.168_1.1.2. Earlier versions may also be affected. The command injection vulnerability has been assigned CVE-2016-6277.
By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers.
Apply an update
Disable web server
Thanks to Chad Dougherty for alerting us to this vulnerability.
This document was written by Joel Land.
|Date First Published:||2016-12-09|
|Date Last Updated:||2017-01-03 20:56 UTC|