High severity8.8CISA KEVNVD Advisory· Published Dec 14, 2016· Updated Jun 17, 2026
CVE-2016-6277
CVE-2016-6277
Description
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14Patches
Vulnerability mechanics
References
9- kb.netgear.com/000036386/CVE-2016-582384nvdPatchVendor Advisory
- packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- kalypto.org/research/netgear-vulnerability-expanded/nvdBroken LinkExploitThird Party Advisory
- www.exploit-db.com/exploits/41598/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/94819nvdBroken LinkThird Party AdvisoryVDB Entry
- www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/nvdBroken LinkMitigationThird Party Advisory
- www.exploit-db.com/exploits/40889/nvdThird Party AdvisoryVDB Entry
- www.kb.cert.org/vuls/id/582384nvdThird Party AdvisoryUS Government Resource
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
1- RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning ExploitsTrend Micro Research · Oct 9, 2025