Critical severity9.8CISA KEVNVD Advisory· Published Apr 21, 2017· Updated Apr 22, 2026

CVE-2016-1555

Description

(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.

Affected products

Netgear/Wn604 Firmware
cpe:2.3:o:netgear:wn604_firmware:*:*:*:*:*:*:*:*
Range: <=3.3.2
Netgear/Wn802tv2 Firmware
cpe:2.3:o:netgear:wn802tv2_firmware:*:*:*:*:*:*:*:*
Range: <=3.0.5.0
Netgear/Wnap320 Firmware
cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*
Range: <=3.0.5.0
Netgear/Wndap210v2 Firmware
cpe:2.3:o:netgear:wndap210v2_firmware:*:*:*:*:*:*:*:*
Range: <=3.0.5.0
Netgear/Wndap350 Firmware
cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*
Range: <=3.0.5.0
Netgear/Wndap360 Firmware
cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*
Range: <=3.0.5.0
Netgear/Wndap660 Firmware
cpe:2.3:o:netgear:wndap660_firmware:*:*:*:*:*:*:*:*
Range: <=3.0.5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kb.netgear.com/30480/CVE-2016-1555-NotificationnvdPatchVendor Advisory
www.exploit-db.com/exploits/45909/nvdExploitThird Party AdvisoryVDB Entry
packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.htmlnvdThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2016/Feb/112nvdMailing ListThird Party Advisory
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000