CVE-2019-19823

HIGH NUCLEI

Totolink A3002ru Firmware - Insufficiently Protected Credentials

Title source: rule
STIX 2.1

Description

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.

Nuclei Templates (1)

TOTOLINK/Realtek Routers - Information Disclosure
HIGHVERIFIEDby ritikchaddha
FOFA: title="totolink"

References (6)

Core 6
Core References
Third Party Advisory x_refsource_misc
https://sploit.tech
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2020/Jan/36
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2020/Jan/38

Scores

CVSS v3 7.5
EPSS 0.2866
EPSS Percentile 96.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-522
Status published
Products (18)
ciktel/mesh_router_firmware < 2019-12-12
coship/emta_ap_firmwre < 2019-12-12
fg-products/fgn-r2_firmware < 2019-12-12
hcn_max-c300n_project/hcn_max-c300n_firmware < 2019-12-12
hiwifi/max-c300n_firmware < 2019-12-12
iodata/wn-ac1167r_firmwre < 2019-12-12
kctvjeju/wireless_ap_firmware < 2019-12-12
realtek/rtk_11n_ap_firmware < 2019-12-12
sapido/gr297n_firmware < 2019-12-12
tbroad/gn-866ac_firmware < 2019-12-12
... and 8 more
Published Jan 27, 2020
Tracked Since Feb 18, 2026