CVE-2019-8985

CRITICAL

Netis-systems Wf2411 Firmware - Out-of-Bounds Write

Title source: rule

Description

On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa.

Exploits (1)

nomisec WORKING POC 2 stars

by Squirre17 · poc

https://github.com/Squirre17/CVE-2019-8985

View Code ZIP pw:eip

References (1)

[Exploit, Vendor Advisory] https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/netis/buffer%20overflow.md

Scores

CVSS v3 9.8

EPSS 0.7181

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-306 CWE-787

Status published

Products (2)

netis-systems/wf2411_firmware 2.1.36123

netis-systems/wf2880_firmware 2.1.36123

Published Feb 21, 2019

Tracked Since Feb 18, 2026