CVE-2023-38829

HIGH

NETIS SYSTEMS WF2409E <3.6.42541 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2023-38829. PoCs published by Victorique-123, adhikara13.

AI-analyzed exploit summary The repository contains functional exploit code for CVE-2023-38829, targeting NETIS WF2409E routers. The exploit demonstrates a command injection vulnerability via crafted HTTP requests to the device's CGI endpoints, allowing remote code execution.

Description

An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface.

Exploits (2)

nomisec WORKING POC 1 stars

by Victorique-123 · poc

https://github.com/Victorique-123/CVE-2023-38829-NETIS-WF2409E_Report

View Code ZIP pw:eip

The repository contains functional exploit code for CVE-2023-38829, targeting NETIS WF2409E routers. The exploit demonstrates a command injection vulnerability via crafted HTTP requests to the device's CGI endpoints, allowing remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: NETIS WF2409E firmware (version not specified)

Auth required

Prerequisites: Network access to the target device · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

nomisec WRITEUP 1 stars

by adhikara13 · poc

https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E

View Code ZIP pw:eip

The repository provides a detailed technical description of a command injection vulnerability in NETIS SYSTEMS Router WF2409E (V3.6.42541), specifically targeting the ping and traceroute functions. It includes step-by-step PoC instructions but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: NETIS SYSTEMS Router WF2409E V3.6.42541

Auth required

Prerequisites: Access to the router's web admin interface · Valid credentials for authentication

MITRE ATT&CK

T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E

Scores

CVSS v3 8.8

EPSS 0.0200

EPSS Percentile 78.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-77

Status published

Products (1)

netis-systems/wf2409e_firmware 3.6.42541

Published Sep 11, 2023

Tracked Since Feb 18, 2026