Vulnerability Details : CVE-2019-19823
Potential exploit
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.
Products affected by CVE-2019-19823
- cpe:2.3:o:realtek:rtk_11n_ap_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:iodata:wn-ac1167r_firmwre:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:a3002ru_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:a702r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:n301rt_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:n302r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:n300rt_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:n200re_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:n150rt_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:n100re_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:coship:emta_ap_firmwre:*:*:*:*:*:*:*:*
- cpe:2.3:o:sapido:gr297n_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:ciktel:mesh_router_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:kctvjeju:wireless_ap_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:fg-products:fgn-r2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hiwifi:max-c300n_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:tbroad:gn-866ac_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:hcn_max-c300n_project:hcn_max-c300n_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-19823
1.36%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 79 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-19823
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2019-19823
-
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-19823
-
http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html
Realtek SDK Information Disclosure / Code Execution ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
http://seclists.org/fulldisclosure/2020/Jan/38
Full Disclosure: Re: Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routersExploit;Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/Jan/36
Full Disclosure: Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routersMailing List;Third Party Advisory
-
http://opensource.actiontec.com/sourcecode/wcb3000x/wecb3000n_gpl_0.16.8.4.tgz
Exploit;Third Party Advisory
-
https://sploit.tech
sploit.techThird Party Advisory
-
https://github.com/Saturn49/wecb/blob/755ce19a493c78270c04b5aaf39664f0cddbb420/rtl819x/users/boa/apmib/apmib.h#L13
wecb/apmib.h at 755ce19a493c78270c04b5aaf39664f0cddbb420 · Saturn49/wecb · GitHubThird Party Advisory
Jump to