CVE-2019-19356

HIGH KEV LAB

Netis WF2419 - Authenticated RCE

Description

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router's web management page. The vulnerability has been found in firmware versions V1.2.31805 and V2.2.36123. Once connected to this page, a user can execute system commands as root through the tracert diagnostic tool because user input is not sanitized.

Exploits (2)

nomisec WORKING POC 5 stars
by shadowgatt · remote-auth
https://github.com/shadowgatt/CVE-2019-19356
nomisec STUB
by qq1515406085 · poc
https://github.com/qq1515406085/CVE-2019-19356

Scores

CVSS v3 7.5
EPSS 0.9109
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Lab Environment

Community Lab
docker pull boyhack/discuz_ml

Details

CISA KEV 2021-11-03
VulnCheck KEV 2020-10-14
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2019-8977
CWE CWE-78
Status published
Products (2)
netis-systems/wf2419_firmware 1.2.31805
netis-systems/wf2419_firmware 2.2.36123
Published Feb 07, 2020
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026