CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-19356

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score51.1000%
EPSS Percentile93.27th
Published2020年2月7日
Last Modified2025年11月7日

Vulnerability Description

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.

Affected Platforms (CPE)

💻
Netis Systems

Wf2419 Firmware

= 1.2.31805
💻
Netis Systems

Wf2419 Firmware

= 2.2.36123

References & Advisories

🔗 http://packetstormsecurity.com/files/156588/Netis-WF2419-2.2.36123-Remote-Code-Execution.html
🔗 https://github.com/shadowgatt/CVE-2019-19356
🔗 https://www.digital.security/en/blog/netis-routers-remote-code-execution-cve-2019-19356
🔗 http://packetstormsecurity.com/files/156588/Netis-WF2419-2.2.36123-Remote-Code-Execution.html
🔗 https://github.com/shadowgatt/CVE-2019-19356
🔗 https://www.digital.security/en/blog/netis-routers-remote-code-execution-cve-2019-19356
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-19356

相關漏洞威脅

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...