CVE-2019-13361

MEDIUM

Smanos W100 1.0.0 - Improper Authentication

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-13361. PoCs published by lodi-g.

AI-analyzed exploit summary This repository contains a functional Python PoC for CVE-2019-13361, which exploits a vulnerability in a device's WiFi configuration protocol to disarm it. The exploit sends crafted packets to update WiFi settings and then disarm the device using its ID.

Description

Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network.

Exploits (1)

nomisec WORKING POC

by lodi-g · poc

https://github.com/lodi-g/CVE-2019-13361

View Code ZIP pw:eip

This repository contains a functional Python PoC for CVE-2019-13361, which exploits a vulnerability in a device's WiFi configuration protocol to disarm it. The exploit sends crafted packets to update WiFi settings and then disarm the device using its ID.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Unknown device with vulnerable WiFi configuration protocol (likely a security system)

No auth needed

Prerequisites: Network access to the target device · Knowledge of the target device's IP and port (default: 60003)

MITRE ATT&CK

T1200 - Hardware Additions

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://github.com/lodi-g/CVE-2019-13361/

View Writeup ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0194

EPSS Percentile 83.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-287

Status published

Products (1)

smanos/w100_firmware 1.0.0

Published Sep 05, 2019

Tracked Since Feb 18, 2026