CVE-2019-8985

CRITICAL

Netis WF2411 and WF2880 Firmware - Unauthenticated Stack-Based Buffer Overflow via HTTP Authorization Header

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-8985. PoCs published by Squirre17.

AI-analyzed exploit summary This repository contains a working exploit for CVE-2019-8985, targeting Netis WF2411 routers. The exploit leverages a buffer overflow in the HTTP authentication header to achieve remote code execution (RCE) via a ROP chain, with payloads including a simple command execution and a reverse shell.

Description

On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa.

Exploits (1)

nomisec WORKING POC 2 stars
by Squirre17 · poc
https://github.com/Squirre17/CVE-2019-8985

This repository contains a working exploit for CVE-2019-8985, targeting Netis WF2411 routers. The exploit leverages a buffer overflow in the HTTP authentication header to achieve remote code execution (RCE) via a ROP chain, with payloads including a simple command execution and a reverse shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Netis WF2411 firmware
No auth needed
Prerequisites: Network access to the vulnerable device · Knowledge of target device's memory layout
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.1330
EPSS Percentile 95.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-306 CWE-787
Status published
Products (2)
netis-systems/wf2411_firmware 2.1.36123
netis-systems/wf2880_firmware 2.1.36123
Published Feb 21, 2019
Tracked Since Feb 18, 2026