CVE-2016-11022

CVE-2016-11022 is a high vulnerability published on March 23, 2020. NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.

CVE-2016-11022 was first published in the National Vulnerability Database on March 23, 2020, with the most recent update on November 21, 2024. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.

CVE-2016-11022 has a CVSS v3 base score of 7.2 (NVD).

Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2016-11022, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.