Intrusion Prevention

Netgear.macAddress.Remote.Command.Execution

Description

This indicates a detection of a Command Injection vulnerability in Netgear Products.
The vulnerability is due to an error in the application when handling a crafted HTTP request. It may allow remote attackers to execute arbitrary code on vulnerable systems, via a crafted HTTP request.

Affected Products

WN604 Wireless N-150 Access Point
WN802Tv2 Wireless-N Access Point
WNAP210v2 ProSAFE Wireless-N Access Point
WNAP320 ProSAFE Wireless-N Access Point
WNDAP350 ProSAFE Dual Band Wireless-N Access Point
WNDAP360 ProSAFE Dual Band Wireless-N Access Point
WNDAP660 ProSAFE Dual Band Wireless-N Access Point

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor
https://kb.netgear.com/30480/CVE-2016-1555-Notification

CVE References

CVE-2016-1555