### [CVE-2016-11022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-11022)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.

### POC

#### Reference
- http://firmware.re/vulns/acsa-2015-002.php

#### Github
No PoCs found on GitHub currently.