CVE-2016-1557

Опубликовано: 21 апр. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.

Ссылки

http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2016/Feb/112
Mailing List
Third Party Advisory
https://kb.netgear.com/30482/CVE-2016-1557-Notification?cid=wmt_netgear_organic
Patch
Vendor Advisory
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2016/Feb/112
Mailing List
Third Party Advisory
https://kb.netgear.com/30482/CVE-2016-1557-Notification?cid=wmt_netgear_organic
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*

Версия до 3.0.5.0 (включая)

cpe:2.3:h:netgear:wnap320:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*

Версия до 3.0.5.0 (включая)

cpe:2.3:h:netgear:wndap350:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*

Версия до 3.0.5.0 (включая)

cpe:2.3:h:netgear:wndap360:-:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01182

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2hmp-62fm-hfpg

CVSS3: 9.8

github

больше 3 лет назад

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.

EPSS

Процентиль: 78%

0.01182

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200