CVE-2019-1912

CRITICAL

Cisco Small Business 220 Series Smart Switches < 1.1.4.4 - Arbitrary File Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-1912.

AI-analyzed exploit summary This Python script is a functional exploit for CVE-2019-1912, targeting a stack overflow vulnerability in Realtek Managed Switch Controller (RTL83xx) devices. It leverages a 'one byte read-write loop' without boundary checks in Boa/Hydra web servers, allowing remote code execution via a reverse shell.

Description

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or HTTPS. A successful exploit could allow the attacker to modify the configuration of an affected device or to inject a reverse shell. This vulnerability affects Cisco Small Business 220 Series Smart Switches running firmware versions prior to 1.1.4.4 with the web management interface enabled. The web management interface is enabled via both HTTP and HTTPS by default.

Exploits (1)

exploitdb WORKING POC

pythonremotehardware

https://www.exploit-db.com/exploits/47442

View Code ZIP pw:eip

This Python script is a functional exploit for CVE-2019-1912, targeting a stack overflow vulnerability in Realtek Managed Switch Controller (RTL83xx) devices. It leverages a 'one byte read-write loop' without boundary checks in Boa/Hydra web servers, allowing remote code execution via a reverse shell.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Realtek Managed Switch Controller (RTL83xx) with various vendor firmwares (e.g., Cisco, NETGEAR, Zyxel)

No auth needed

Prerequisites: Network access to the target device · Python 2.7 environment with required libraries (e.g., pwntools, Crypto)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190806-sb220-auth_bypass

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/154667/Realtek-Managed-Switch-Controller-RTL83xx-Stack-Overflow.html

Scores

CVSS v3 9.1

EPSS 0.1704

EPSS Percentile 96.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-285 CWE-863

Status published

Products (11)

cisco/sf-220-24_firmware < 1.1.4.4

cisco/sf220-24p_firmware < 1.1.4.4

cisco/sf220-48_firmware < 1.1.4.4

cisco/sf220-48p_firmware < 1.1.4.4

cisco/sg220-26_firmware < 1.1.4.4

cisco/sg220-26p_firmware < 1.1.4.4

cisco/sg220-28_firmware < 1.1.4.4

cisco/sg220-28mp_firmware < 1.1.4.4

cisco/sg220-50_firmware < 1.1.4.4

cisco/sg220-50p_firmware < 1.1.4.4

... and 1 more

Published Aug 07, 2019

Tracked Since Feb 18, 2026