CVE-2019-12168

HIGH EXPLOITED IN THE WILD

Four-Faith Wireless Mobile Router F3x24 v1.0 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2019-12168 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).

Description

Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen.

Scores

CVSS v3 7.2
EPSS 0.0496
EPSS Percentile 91.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-09-18
InTheWild.io 2024-09-18
CWE
CWE-862
Status published
Products (1)
four-faith/f3x24_firmware 1.0
Published May 17, 2019
Tracked Since Feb 18, 2026