CVE-2016-10174

Name: CVE-2016-10174
Creator: NVD / NIST
Published: 2017-01-30T04:59:00.157+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10Actively ExploitedEPSS 83.45%

Last modified Jun 17, 2026

CVE-2016-10174 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.. CISA has confirmed active exploitation in the wild. EPSS estimates a 83.45% chance of exploitation in the next 30 days.

Description

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

83.45%

99.6th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by Apr 15, 2022.

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Netgear	D6100 Firmware	All versions
Netgear	D7000 Firmware	All versions
Netgear	D7800 Firmware	All versions
Netgear	Jnr1010v2 Firmware	All versions
Netgear	Jnr3300 Firmware	All versions
Netgear	Jwnr2010v5 Firmware	All versions
Netgear	R2000 Firmware	All versions
Netgear	R6100 Firmware	All versions
Netgear	R6220 Firmware	All versions
Netgear	R7500 Firmware	All versions
Netgear	R7500v2 Firmware	All versions
Netgear	Wndr3700v4 Firmware	All versions
Netgear	Wndr3800 Firmware	All versions
Netgear	Wndr4300 Firmware	All versions
Netgear	Wndr4300v2 Firmware	All versions
Netgear	Wndr4500v3 Firmware	All versions
Netgear	Wndr4700 Firmware	All versions
Netgear	Wnr1000v2 Firmware	All versions
Netgear	Wnr1000v4 Firmware	All versions
Netgear	Wnr2000v3 Firmware	All versions
Netgear	Wnr2000v4 Firmware	All versions
Netgear	Wnr2000v5 Firmware	All versions
Netgear	Wnr2020 Firmware	All versions
Netgear	Wnr2050 Firmware	All versions
Netgear	Wnr2200 Firmware	All versions
Netgear	Wnr2500 Firmware	All versions
Netgear	Wnr614 Firmware	All versions
Netgear	Wnr618 Firmware	All versions

References

http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-VulnerabilityVendor Advisory
http://seclists.org/fulldisclosure/2016/Dec/72Exploit, Mailing List, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/95867Broken Link, Third Party Advisory, VDB Entry
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txtExploit, Technical Description, Third Party Advisory
https://www.exploit-db.com/exploits/40949/Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/41719/Exploit, Third Party Advisory, VDB Entry
http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-VulnerabilityVendor Advisory
http://seclists.org/fulldisclosure/2016/Dec/72Exploit, Mailing List, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/95867Broken Link, Third Party Advisory, VDB Entry
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txtExploit, Technical Description, Third Party Advisory
https://www.exploit-db.com/exploits/40949/Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/41719/Exploit, Third Party Advisory, VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-10174US Government Resource

Timeline

Published: Jan 30, 2017
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2016-10174?

How severe is CVE-2016-10174?

CVE-2016-10174 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 83.45% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.

How do I fix CVE-2016-10174?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-10174?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST