CVE-2018-6391

HIGH

Netis WF2419 V2.2.36123 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-6391. PoCs published by Sajibe Kanti.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Netis-WF2419 routers, allowing remote attackers to delete Address Reservation List settings via a crafted HTML form. The PoC uses a simple GET request to manipulate router configurations without authentication.

Description

A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings.

Exploits (1)

exploitdb WORKING POC
by Sajibe Kanti · htmlwebappshardware
https://www.exploit-db.com/exploits/43919

This exploit demonstrates a CSRF vulnerability in Netis-WF2419 routers, allowing remote attackers to delete Address Reservation List settings via a crafted HTML form. The PoC uses a simple GET request to manipulate router configurations without authentication.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Netis-WF2419 Router, V2.2.36123
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Router must be accessible on the local network
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/43919/
Exploit, Third Party Advisory x_refsource_misc
https://0day.today/exploit/29659

Scores

CVSS v3 8.8
EPSS 0.0050
EPSS Percentile 66.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
netis-systems/wf2419_firmware 2.2.36123
Published Jan 29, 2018
Tracked Since Feb 18, 2026