CVE-2016-1557 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2016-1557

Deferred

More Info Official Page

Source-cret@cert.org

Published At-21 Apr, 2017 | 15:59

Updated At-20 Apr, 2025 | 01:37

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

>>wnap320_firmware>>Versions up to 3.0.5.0(inclusive)

cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wnap320:-:*:*:*:*:*:*:*

>>wndap350_firmware>>Versions up to 3.0.5.0(inclusive)

cpe:2.3:o:netgear:wndap350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndap350:-:*:*:*:*:*:*:*

>>wndap360_firmware>>Versions up to 3.0.5.0(inclusive)

cpe:2.3:o:netgear:wndap360_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wndap360:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html	cret@cert.org	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2016/Feb/112	cret@cert.org	Mailing List Third Party Advisory
https://kb.netgear.com/30482/CVE-2016-1557-Notification?cid=wmt_netgear_organic	cret@cert.org	Patch Vendor Advisory
http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2016/Feb/112	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
https://kb.netgear.com/30482/CVE-2016-1557-Notification?cid=wmt_netgear_organic	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory