PatchSiren cyber security CVE debrief

CVE-2016-10175 Netgear CVE debrief

CVE-2016-10175 describes an information-disclosure flaw in NETGEAR WNR2000v5 firmware where a request to /BRS_netgear_success.html can leak the device serial number. According to the supplied record, that serial number can then be used together with CVE-2016-10176 to recover the administrator username and password. NVD lists affected firmware as up to 1.0.0.34 and rates the issue CVSS 3.0 9.8 Critical.

Vendor: Netgear
Product: CVE-2016-10175
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-30
Original CVE updated: 2026-05-13
Advisory published: 2017-01-30
Advisory updated: 2026-05-13

Who should care

Anyone operating or supporting NETGEAR WNR2000v5 routers, especially home users, small offices, and MSPs that may still have legacy firmware in service. Administrators should treat this as a credential-exposure issue rather than a standalone leak, because the supplied record says it can be combined with CVE-2016-10176.

Technical summary

The vulnerability is categorized as CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The NVD record says the WNR2000v5 firmware leaks the router serial number through the /BRS_netgear_success.html URI. That serial number is described as useful for obtaining administrator credentials when paired with CVE-2016-10176. The supplied NVD data lists the vulnerable firmware range through 1.0.0.34.

Defensive priority

High. Although the direct flaw is an information leak, the supplied record links it to administrative credential recovery, and NVD assigns a Critical CVSS 9.8 score. Prioritize this if the device is internet-facing, still in active use, or cannot be confidently confirmed on patched firmware.

Recommended defensive actions

Confirm whether any NETGEAR WNR2000v5 devices are deployed and whether firmware is at or below 1.0.0.34.
Apply the vendor-referenced remediation for the WNR2000v5 model and verify firmware version after updating.
If the device cannot be patched, remove it from exposure to untrusted networks or replace it.
Change router administrative credentials after remediation, especially if the device may have been exposed.
Review whether any services or management interfaces on the router are accessible from the internet and restrict them where possible.
Treat any paired use of CVE-2016-10175 and CVE-2016-10176 as a path to administrative compromise and check for unauthorized configuration changes.

Evidence notes

This debrief is grounded in the supplied NVD/CVE record and vendor advisory references. The supplied record states that /BRS_netgear_success.html can leak the serial number on NETGEAR WNR2000v5 firmware and that the serial number can be used with CVE-2016-10176 to obtain administrator credentials. NVD lists CWE-200, CVSS 3.0 9.8, and affected firmware through 1.0.0.34. Reference links in the corpus include the Netgear advisory and NVD-linked third-party descriptions; no exploit steps are included here.

Official resources

CVE-2016-10175 CVE record
CVE.org
CVE-2016-10175 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Patch, Vendor Advisory
Mitigation or vendor reference
[email protected] - Exploit, Third Party Advisory, VDB Entry
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Mitigation or vendor reference
[email protected] - Exploit, Technical Description, Third Party Advisory
Source reference
[email protected]

CVE published 2017-01-30 and last modified 2026-05-13 per the supplied timeline. This debrief uses only the provided corpus and official links and avoids exploit instructions.