vendor:
WF2419
by:
Elias Issa
5.5
CVSS
MEDIUM
Remote Code Execution
78
CWE
Product Name: WF2419
Affected Version From: WF2419 V2.2.36123
Affected Version To: WF2419 V2.2.36123
Patch Exists: YES
Related CWE: CVE-2019-1337
CPE: h:netis:wf2419:2.2.36123
Metasploit:
https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2019-17563/, https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2019-12418/, https://www.rapid7.com/db/vulnerabilities/msft-cve-2019-1337/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2019-7665/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2019-7664/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2019-7149/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2019-7150/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-18520/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-18521/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-18310/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-16402/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-16403/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-16062/
Other Scripts:
N/A
Platforms Tested: NETIS WF2419 V2.2.36123 and V2.2.36123
2020
Netis WF2419 2.2.36123 – Remote Code Execution
Netis WF2419 is vulnerable to remote code execution due to improper input validation. An attacker can send a specially crafted HTTP POST request to the vulnerable page '/cgi-bin-igd/netcore_set.cgi' with a malicious command in the 'tools_ip_url' parameter. This will allow the attacker to execute arbitrary commands on the vulnerable device.
Mitigation:
The vendor has released a patch to address this vulnerability. Users should update their devices to the latest version.
