VYPR
Medium severity6.5NVD Advisory· Published Jan 3, 2017· Updated Jun 17, 2026

CVE-2016-10106

CVE-2016-10106

Description

Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Netgear/FVS318Gv22 versions
    cpe:2.3:o:netgear:fvs318gv2_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:netgear:fvs318gv2_firmware:*:*:*:*:*:*:*:*range: <=4.3-3.6
    • (no CPE)range: <4.3.3-8
  • cpe:2.3:o:netgear:fvs318n_firmware:*:*:*:*:*:*:*:*
    Range: <=4.3-3.6
  • Netgear/FVS336Gv32 versions
    cpe:2.3:o:netgear:fvs336gv3_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:netgear:fvs336gv3_firmware:*:*:*:*:*:*:*:*range: <=4.3-3.6
    • (no CPE)range: <4.3.3-8
  • cpe:2.3:o:netgear:srx5308_firmware:*:*:*:*:*:*:*:*
    Range: <=4.3-3.6
  • Netgear/FVS318Nllm-fuzzy
    Range: <4.3.3-8

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.