Back to KEVs

CVE-2019-19356

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been...

Basic Information

CVE State
PUBLISHED
Reserved Date
November 27, 2019
Published Date
February 07, 2020
Last Updated
February 04, 2025
Vendor
n/a
Product
n/a
Description
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2020-03-13 08:22:36 UTC) Source

References

https://www.digital.security/en/blog/netis-routers-remote-code-execution-cve-2019-19356 https://github.com/shadowgatt/CVE-2019-19356 http://packetstormsecurity.com/files/156588/Netis-WF2419-2.2.36123-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

qq1515406085/CVE-2019-19356

Type: github • Created: 2020-03-13 08:22:36 UTC • Stars: 0

shadowgatt/CVE-2019-19356

Type: github • Created: 2019-12-12 11:01:23 UTC • Stars: 5

Netis router RCE exploit ( CVE-2019-19356)