QID 731250

Date Published: 2024-03-29

QID 731250: NETGEAR Remote Code Execution (RCE) Vulnerability

CVE-2016-1555: NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.

Affected Devices:
WN604 Wireless N-150 Access Point
WN802Tv2 Wireless-N Access Point
WNAP210v2 ProSAFE Wireless-N Access Point
WNAP320 ProSAFE Wireless-N Access Point
WNDAP350 ProSAFE Dual Band Wireless-N Access Point
WNDAP360 ProSAFE Dual Band Wireless-N Access Point
WNDAP660 ProSAFE Dual Band Wireless-N Access Point

Patched Versions:
WN604 Wireless N-150 Access Point v3.3.3 or later
WNAP210v2 ProSAFE Wireless-N Access Point v3.5.5.0 or later
WNAP320 ProSAFE Wireless-N Access Point v3.5.5.0 or later
WNDAP350 ProSAFE Dual Band Wireless-N Access Point v3.5.5.0 or later
WNDAP360 ProSAFE Dual Band Wireless-N Access Point v3.5.5.0 or later
WNDAP660 ProSAFE Dual Band Wireless-N Access Point v3.5.5.0 or later

QID Detection Logic (Unauthenticated):
This QID sends a crafted payload in an HTTP POST request; if the target is vulnerable, the payload triggers a callback to the scanner. Note that this QID relies on a callback to the scanner on a random port, so the target must be able to connect back to any random port on the scanner.

Successful exploitation of the vulnerability may allow an unauthenticated attacker to execute arbitrary code, leading to complete system compromise.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as Critical - 10 severity.

Solution:
The vendor has released a patch addressing the vulnerability. For more information, please refer to the Netgear Security Advisory.

Vendor References

CVEs related to QID 731250

Software Advisories:
Advisory ID: Netgear Security Advisory
Link: kb.netgear.com/30480/CVE-2016-1555-Notification