CyberSec.Space Logo
Back to CVE Browser

CVE-2016-10174

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score76.5470%
EPSS Percentile90.16th
PublishedJan 30, 2017
Last ModifiedApr 21, 2026

Vulnerability Description

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.

Affected Platforms (CPE)

πŸ’»
Netgear

D6100 Firmware

All versions
πŸ’»
Netgear

D7000 Firmware

All versions
πŸ’»
Netgear

D7800 Firmware

All versions
πŸ’»
Netgear

Jnr1010v2 Firmware

All versions
πŸ’»
Netgear

Jnr3300 Firmware

All versions
πŸ’»
Netgear

Jwnr2010v5 Firmware

All versions
πŸ’»
Netgear

R2000 Firmware

All versions
πŸ’»
Netgear

R6100 Firmware

All versions
πŸ’»
Netgear

R6220 Firmware

All versions
πŸ’»
Netgear

R7500 Firmware

All versions
πŸ’»
Netgear

R7500v2 Firmware

All versions
πŸ’»
Netgear

Wndr3700v4 Firmware

All versions
πŸ’»
Netgear

Wndr3800 Firmware

All versions
πŸ’»
Netgear

Wndr4300 Firmware

All versions
πŸ’»
Netgear

Wndr4300v2 Firmware

All versions
πŸ’»
Netgear

Wndr4500v3 Firmware

All versions
πŸ’»
Netgear

Wndr4700 Firmware

All versions
πŸ’»
Netgear

Wnr1000v2 Firmware

All versions
πŸ’»
Netgear

Wnr1000v4 Firmware

All versions
πŸ’»
Netgear

Wnr2000v3 Firmware

All versions
πŸ’»
Netgear

Wnr2000v4 Firmware

All versions
πŸ’»
Netgear

Wnr2000v5 Firmware

All versions
πŸ’»
Netgear

Wnr2020 Firmware

All versions
πŸ’»
Netgear

Wnr2050 Firmware

All versions
πŸ’»
Netgear

Wnr2200 Firmware

All versions
πŸ’»
Netgear

Wnr2500 Firmware

All versions
πŸ’»
Netgear

Wnr614 Firmware

All versions
πŸ’»
Netgear

Wnr618 Firmware

All versions

References & Advisories

πŸ”— http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability
πŸ”— http://seclists.org/fulldisclosure/2016/Dec/72
πŸ”— http://www.securityfocus.com/bid/95867
πŸ”— https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txt
πŸ”— https://www.exploit-db.com/exploits/40949/
πŸ”— https://www.exploit-db.com/exploits/41719/
πŸ”— http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability
πŸ”— http://seclists.org/fulldisclosure/2016/Dec/72

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...