CVE-2016-10175 in WNR2000v5
Summary
by MITRE
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows resetting the answers to the password-recovery questions.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 05/16/2026
The CVE-2016-10175 vulnerability affects NETGEAR WNR2000v5 routers and represents a critical information disclosure flaw that undermines the device's security posture. This vulnerability manifests when an attacker makes a request to the specific URI path /BRS_netgear_success.html, which inadvertently exposes the router's serial number in the HTTP response. The serial number serves as a unique identifier for the device and is typically used for legitimate purposes such as warranty verification and technical support. However, in this case, the exposure creates a significant security risk as the serial number becomes a potential attack vector for unauthorized access to the router's administrative interface. The vulnerability aligns with CWE-200, which addresses improper exposure of sensitive information, and demonstrates how seemingly innocuous information disclosure can lead to complete system compromise. The flaw exists in the router's web interface implementation where proper access controls and input validation are absent, allowing any remote attacker to retrieve this sensitive information without authentication.
The operational impact of CVE-2016-10175 becomes particularly severe when combined with CVE-2016-10176, creating a two-pronged attack vector that allows complete unauthorized access to the affected routers. The serial number obtained through this vulnerability serves as a key component in the exploitation process of CVE-2016-10176, which enables attackers to reset password recovery questions and subsequently gain administrative credentials. This combination of vulnerabilities follows the ATT&CK technique T1212, which involves exploitation of a software vulnerability to gain access to system credentials. The attack chain demonstrates how information disclosure vulnerabilities can be leveraged as precursors to more sophisticated attacks, creating a cascading effect that significantly increases the attack surface. Security researchers have documented that this vulnerability affects multiple NETGEAR devices in the WNR2000v5 series, making it a widespread concern for network administrators who have deployed these routers in both enterprise and residential environments.
The technical implementation of this vulnerability reveals fundamental security flaws in the router's web server configuration and its handling of HTTP requests. When the /BRS_netgear_success.html endpoint is accessed, the system fails to properly sanitize or restrict access to sensitive information that should only be available to authenticated administrators. This represents a classic case of insufficient access control mechanisms and improper error handling within the device's web interface. The vulnerability can be exploited through simple HTTP requests using tools like curl or web browsers, making it particularly dangerous as it requires minimal technical expertise to execute. Network security professionals should consider this vulnerability as part of the broader attack surface analysis, particularly when assessing the security of embedded network devices. The flaw also demonstrates the importance of following security best practices such as implementing proper input validation, access control mechanisms, and secure coding practices for web applications running on network infrastructure devices. Organizations should also consider implementing network segmentation and monitoring to detect unauthorized access attempts to these vulnerable endpoints, which aligns with the ATT&CK framework's emphasis on defensive measures against credential access and lateral movement techniques.