CVE-2019-6967
HIGHAirTies Air5341 1.0.0.12 - Cross-Site Request Forgery via cgi-bin/login
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2019-6967. PoCs published by Ali Can Gönüllü.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in AirTies Air5341 modems, allowing an attacker to trick a user into submitting a login form to the router's admin interface. The PoC includes a hidden form that submits credentials to the target device.
Description
AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.
Exploits (1)
exploitdb
WORKING POC
by Ali Can Gönüllü · htmlwebappshardware
https://www.exploit-db.com/exploits/46253
This exploit demonstrates a CSRF vulnerability in AirTies Air5341 modems, allowing an attacker to trick a user into submitting a login form to the router's admin interface. The PoC includes a hidden form that submits credentials to the target device.
Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
AirTies Air5341 Modem Firmware 1.0.0.12
No auth needed
Prerequisites:
Victim must be authenticated to the router's admin interface · Attacker must trick the victim into visiting a malicious page
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Not Applicable x_refsource_misc
https://alicangonullu.biz/konu/3
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/46253/
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/151372/AirTies-Air5341-Modem-1.0.0.12-Cross-Site-Request-Forgery.html
Broken Link x_refsource_misc
https://twitter.com/alicangonullu
Scores
CVSS v3
8.8
EPSS
0.0037
EPSS Percentile
59.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-352
Status
published
Products (1)
airties/air_5341_firmware
1.0.0.12
Published
Mar 21, 2019
Tracked Since
Feb 18, 2026