CVE-2016-6277
Basic Information
- CVE State: PUBLISHED
- Reserved Date: July 22, 2016
- Published Date: December 14, 2016
- Last Updated: February 04, 2025
- Vendor: NETGEAR
- Product: Routers
- Description: NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
- Tags: cisa, nuclei_scanner, edge, metasploit_scanner
- Exploitation: active
- Technical Impact: total
- Exploited in the Wild: Yes (2025-05-05 00:00:00 UTC)
CVSS Scores
CVSS v3.1
8.8 - HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2.0
9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
SSVC Information
Exploit Status
References
https://www.exploit-db.com/exploits/40889/
https://www.exploit-db.com/exploits/41598/
http://kb.netgear.com/000036386/CVE-2016-582384
http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/
https://www.kb.cert.org/vuls/id/582384
http://www.securityfocus.com/bid/94819
https://kalypto.org/research/netgear-vulnerability-expanded/
http://packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.html
Known Exploited Vulnerability Information
Source | Added Date |
---|---|
CISA | 2022-03-07 00:00:00 UTC |
Scanner Integrations
Scanner | URL | Date Detected |
---|---|---|
Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/netgear_r7000_cgibin_exec.rb | 2025-04-29 11:01:14 UTC |
Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2016/CVE-2016-6277.yaml | 2025-04-26 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
netgear_r7000_cgibin_exec
Type: metasploit • Created: Unknown
Metasploit module for CVE-2016-6277
Timeline
- CVE ID Reserved
- CVE Published to Public
- Added to KEVIntel
- Detected by Nuclei
- Detected by Metasploit