High severity8.8CISA KEVNVD Advisory· Published Dec 14, 2016· Updated Apr 21, 2026
CVE-2016-6277
CVE-2016-6277
Description
NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
Affected products
11Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- kb.netgear.com/000036386/CVE-2016-582384nvdPatchVendor Advisory
- packetstormsecurity.com/files/155712/Netgear-R6400-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- kalypto.org/research/netgear-vulnerability-expanded/nvdBroken LinkExploitThird Party Advisory
- www.exploit-db.com/exploits/41598/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/94819nvdBroken LinkThird Party AdvisoryVDB Entry
- www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/nvdBroken LinkMitigationThird Party Advisory
- www.exploit-db.com/exploits/40889/nvdThird Party AdvisoryVDB Entry
- www.kb.cert.org/vuls/id/582384nvdThird Party AdvisoryUS Government Resource
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.