CVE-2019-1943

MEDIUM NUCLEI

Cisco Small Business 200, 300, and 500 Series Switches - Unauthenticated Open Redirect via HTTP Request Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-1943. PoCs published by Ramikan. A Nuclei detection template is also available.

AI-analyzed exploit summary The exploit details an open redirect vulnerability (CVE-2019-1943) in Cisco Small Business 200, 300, and 500 Series Managed Switches, where the Host header can be manipulated to redirect users to arbitrary domains. It also includes an information disclosure vulnerability via an unauthenticated endpoint.

Description

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.

Exploits (1)

exploitdb WRITEUP

by Ramikan · textwebappshardware

https://www.exploit-db.com/exploits/47118

View Code ZIP pw:eip

The exploit details an open redirect vulnerability (CVE-2019-1943) in Cisco Small Business 200, 300, and 500 Series Managed Switches, where the Host header can be manipulated to redirect users to arbitrary domains. It also includes an information disclosure vulnerability via an unauthenticated endpoint.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Cisco Small Business 200, 300, and 500 Series Managed Switches (version 1.3.7.18 tested)

No auth needed

Prerequisites: Network access to the target device · Web management interface enabled

MITRE ATT&CK

T1505 - Server Software Component T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Cisco Small Business 200,300 and 500 Series Switches - Open Redirect

MEDIUMVERIFIEDby bhutch

Shodan: /config/log_off_page.htm

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-sbss-redirect

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/109288

Scores

CVSS v3 4.7

EPSS 0.1025

EPSS Percentile 95.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-601

Status published

Products (50)

cisco/sf200-24_firmware

cisco/sf200-24fp_firmware

cisco/sf200-24p_firmware

cisco/sf200-48_firmware

cisco/sf200-48p_firmware

cisco/sf300-08_firmware 1.3.7.18

cisco/sf300-24_firmware 1.3.7.18

cisco/sf300-24mp_firmware 1.3.7.18

cisco/sf300-24p_firmware 1.3.7.18

cisco/sf300-24pp_firmware 1.3.7.18

... and 40 more

Published Jul 17, 2019

Tracked Since Feb 18, 2026