CVE-2019-12168
HIGH EXPLOITED IN THE WILDFour-Faith Wireless Mobile Router F3x24 v1.0 - RCE
Title source: llmExploitation Summary
CVE-2019-12168 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen.
References (1)
Core 1
Core References
Various Sources x_refsource_misc
https://medium.com/%40bertinjoseb/four-faith-industrial-routers-command-injection-rce-reverse-shell-121c4dedb0d8
Scores
CVSS v3
7.2
EPSS
0.0496
EPSS Percentile
91.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2024-09-18
InTheWild.io
2024-09-18
CWE
CWE-862
Status
published
Products (1)
four-faith/f3x24_firmware
1.0
Published
May 17, 2019
Tracked Since
Feb 18, 2026