Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-19822

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.

Published

2020-01-27T18:15:12.790

Last Modified

2024-11-21T04:35:27.863

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-306

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	totolink	a3002ru_firmware	≤ 2.0.0	Yes
Hardware	totolink	a3002ru	-	No
Operating System	totolink	a702r_firmware	≤ 2.1.3	Yes
Hardware	totolink	a702r	-	No
Operating System	totolink	n302r_firmware	≤ 3.4.0	Yes
Hardware	totolink	n302r	-	No
Operating System	totolink	n300rt_firmware	≤ 3.4.0	Yes
Hardware	totolink	n300rt	-	No
Operating System	totolink	n200re_firmware	≤ 4.0.0	Yes
Hardware	totolink	n200re	-	No
Operating System	totolink	n150rt_firmware	≤ 3.4.0	Yes
Hardware	totolink	n150rt	-	No
Operating System	totolink	n100re_firmware	≤ 3.4.0	Yes
Hardware	totolink	n100re	-	No
Operating System	realtek	rtk_11n_ap_firmware	≤ 2019-12-12	Yes
Hardware	realtek	rtk_11n_ap	-	No
Operating System	sapido	gr297n_firmware	≤ 2019-12-12	Yes
Hardware	sapido	gr297n	-	No
Operating System	ciktel	mesh_router_firmware	≤ 2019-12-12	Yes
Hardware	ciktel	mesh_router	-	No
Operating System	kctvjeju	wireless_ap_firmware	≤ 2019-12-12	Yes
Hardware	kctvjeju	wireless_ap	-	No
Operating System	fg-products	fgn-r2_firmware	≤ 2019-12-12	Yes
Hardware	fg-products	fgn-r2	-	No
Operating System	hiwifi	max-c300n_firmware	≤ 2019-12-12	Yes
Hardware	hiwifi	max-c300n	-	No
Operating System	tbroad	gn-866ac_firmware	≤ 2019-12-12	Yes
Hardware	tbroad	gn-866ac	-	No
Operating System	coship	emta_ap_firmwre	≤ 2019-12-12	Yes
Hardware	coship	emta_ap	-	No
Operating System	iodata	wn-ac1167r_firmwre	≤ 2019-12-12	Yes
Hardware	iodata	wn-ac1167r	-	No
Operating System	hcn_max-c300n_project	hcn_max-c300n_firmware	≤ 2019-12-12	Yes
Hardware	hcn_max-c300n_project	hcn_max-c300n	-	No
Operating System	totolink	n301rt_firmware	≤ 2.1.6	Yes
Hardware	totolink	n301rt	-	No

References

http://opensource.actiontec.com/sourcecode/wcb3000x/wecb3000n_gpl_0.16.8.4.tgz Exploit, Third Party Advisory ([email protected])
http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html Exploit, Third Party Advisory, VDB Entry ([email protected])
http://seclists.org/fulldisclosure/2020/Jan/36 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2020/Jan/38 Exploit, Mailing List, Third Party Advisory ([email protected])
https://github.com/Saturn49/wecb/blob/755ce19a493c78270c04b5aaf39664f0cddbb420/rtl819x/users/boa/apmib/apmib.h#L13 Third Party Advisory ([email protected])
https://sploit.tech Third Party Advisory ([email protected])
http://opensource.actiontec.com/sourcecode/wcb3000x/wecb3000n_gpl_0.16.8.4.tgz Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2020/Jan/36 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2020/Jan/38 Exploit, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/Saturn49/wecb/blob/755ce19a493c78270c04b5aaf39664f0cddbb420/rtl819x/users/boa/apmib/apmib.h#L13 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://sploit.tech Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)