CVE-2016-11057 — HIGH (7.5)

Q: How severe is CVE-2016-11057?

CVE-2016-11057 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-11057?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Jnr1010 Firmware, Netgear Jnr1010, Netgear Jwnr2000 Firmware, Netgear Jwnr2000, Netgear Jwnr2010 Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5 before 2017-01-06.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Netgear	Jnr1010 Firmware	< 2017-01-06
Netgear	Jnr1010	v2
Netgear	Jwnr2000 Firmware	< 2017-01-06
Netgear	Jwnr2000	v5
Netgear	Jwnr2010 Firmware	< 2017-01-06
Netgear	Jwnr2010	v5
Netgear	R6220 Firmware	< 2017-01-06
Netgear	R6220	-
Netgear	Wndr3700 Firmware	< 2017-01-06
Netgear	Wndr3700	v5
Netgear	Wnr1000 Firmware	< 2017-01-06
Netgear	Wnr1000	v4
Netgear	Wnr2020 Firmware	< 2017-01-06
Netgear	Wnr2020	-
Netgear	Wnr614 Firmware	< 2017-01-06
Netgear	Wnr614	-
Netgear	Wnr618 Firmware	< 2017-01-06
Netgear	Wnr618	-

Related Weaknesses (CWE)

CWE-287

References

https://kb.netgear.com/29960/NETGEAR-Product-Vulnerability-Advisory-Potential-seVendor Advisory
https://kb.netgear.com/29960/NETGEAR-Product-Vulnerability-Advisory-Potential-seVendor Advisory

FAQ

What is CVE-2016-11057?

CVE-2016-11057 is a vulnerability with a CVSS score of 7.5 (HIGH). Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, W...

How severe is CVE-2016-11057?

CVE-2016-11057 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-11057?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Jnr1010 Firmware, Netgear Jnr1010, Netgear Jwnr2000 Firmware, Netgear Jwnr2000, Netgear Jwnr2010 Firmware.