Back to KEVs

CVE-2019-19356

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been...

Basic Information

CVE State
PUBLISHED
Reserved Date
November 27, 2019
Published Date
February 07, 2020
Last Updated
February 04, 2025
Vendor
Netis
Product
WF2419
Description
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.
Tags
cisa edge

CVSS Scores

CVSS v3.1

7.5 - HIGH

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

8.5

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2020-03-13 08:22:36 UTC) Source

References

https://www.digital.security/en/blog/netis-routers-remote-code-execution-cve-2019-19356 https://github.com/shadowgatt/CVE-2019-19356 http://packetstormsecurity.com/files/156588/Netis-WF2419-2.2.36123-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

qq1515406085/CVE-2019-19356

Type: github • Created: 2020-03-13 08:22:36 UTC • Stars: 0

shadowgatt/CVE-2019-19356

Type: github • Created: 2019-12-12 11:01:23 UTC • Stars: 5

Netis router RCE exploit ( CVE-2019-19356)

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Proof of Concept Exploit Available

  • Added to KEVIntel