CVE-2016-11055 — MEDIUM (4.3)

Q: How severe is CVE-2016-11055?

CVE-2016-11055 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-11055?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Cm400 Firmware, Netgear Cm400, Netgear Cm600 Firmware, Netgear Cm600, Netgear D1500 Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Netgear	Cm400 Firmware	< 2017-01-11
Netgear	Cm400	-
Netgear	Cm600 Firmware	< 2017-01-11
Netgear	Cm600	-
Netgear	D1500 Firmware	< 1.0.0.20
Netgear	D1500	-
Netgear	D500 Firmware	< 2017-01-11
Netgear	D500	-
Netgear	Dst6501 Firmware	< 1.0.0.36
Netgear	Dst6501	-
Netgear	Jnr1010 Firmware	< 2017-01-11
Netgear	Jnr1010	v1
Netgear	Jwnr2000T Firmware	< 2017-01-11
Netgear	Jwnr2000T	v3
Netgear	Jwnr2010 Firmware	< 2017-01-11
Netgear	Jwnr2010	v3
Netgear	Plw1000 Firmware	< 1.0.0.22
Netgear	Plw1000	-
Netgear	Plw1010 Firmware	< 2017-01-11
Netgear	Plw1010	-

Related Weaknesses (CWE)

CWE-352

References

https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFiVendor Advisory
https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFiVendor Advisory

FAQ

What is CVE-2016-11055?

CVE-2016-11055 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 befor...

How severe is CVE-2016-11055?

CVE-2016-11055 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-11055?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Cm400 Firmware, Netgear Cm400, Netgear Cm600 Firmware, Netgear Cm600, Netgear D1500 Firmware.