Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2019-19824

UNKNOWN
Published 2020-01-27T17:03:58
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-19824. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, N100RE through 3.4.0, and N302RE 2.0.2.

Available Exploits

TOTOLINK Realtek SD Routers - Remote Command Injection

TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.

ID: CVE-2019-19824
Author: gy741 High

References:

Related News

No news articles found for this CVE.

Affected Products

totolink

a3002ru_firmware

Affected Versions:

0
totolink

a702r_firmware

Affected Versions:

0
totolink

n301rt_firmware

Affected Versions:

0
totolink

n302r_firmware

Affected Versions:

0
totolink

n200re_firmware

Affected Versions:

0
totolink

n150rt_firmware

Affected Versions:

0
totolink

n100re_firmware

Affected Versions:

0
totolink

n302re_firmware

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-mrf4-89gh-pm62

Advisory Details

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-19824
WEB https://github.com/yckuo-sdc/totolink-boa-api-vulnerabilities
WEB https://sploit.tech
WEB http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html
WEB http://seclists.org/fulldisclosure/2020/Jan/36
WEB http://seclists.org/fulldisclosure/2020/Jan/38

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: August 28, 2024

References

https://sploit.tech
http://seclists.org/fulldisclosure/2020/Jan/36
http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html
http://seclists.org/fulldisclosure/2020/Jan/38
https://github.com/yckuo-sdc/totolink-boa-api-vulnerabilities
Published: 2020-01-27T17:03:58
Last Modified: 2024-08-28T18:03:26.209Z
Copied to clipboard!