CVE-2019-19822

Published: Jan 27, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.

Affected (18)

Products: Totolink: A3002ru Firmware, A702r Firmware, N302r Firmware, N300rt Firmware, N200re Firmware, N150rt Firmware, N100re Firmware, N301rt Firmware · Realtek: Rtk 11n Ap Firmware · Sapido: Gr297n Firmware · +8 more

Show all products

8 products

1 product

1 product

1 product

1 product

1 product

1 product

1 product

1 product

1 product

Hcn Max C300n Project

1 product

Hcn Max C300n Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink A3002ru Firmware	Up to 2.0.0

Running on/with	Platform Versions
Totolink A3002ru	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink A702r Firmware	Up to 2.1.3

Running on/with	Platform Versions
Totolink A702r	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink N302r Firmware	Up to 3.4.0

Running on/with	Platform Versions
Totolink N302r	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink N300rt Firmware	Up to 3.4.0

Running on/with	Platform Versions
Totolink N300rt	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink N200re Firmware	Up to 4.0.0

Running on/with	Platform Versions
Totolink N200re	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink N150rt Firmware	Up to 3.4.0

Running on/with	Platform Versions
Totolink N150rt	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink N100re Firmware	Up to 3.4.0

Running on/with	Platform Versions
Totolink N100re	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Realtek Rtk 11n Ap Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Realtek Rtk 11n Ap	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sapido Gr297n Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Sapido Gr297n	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ciktel Mesh Router Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Ciktel Mesh Router	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Kctvjeju Wireless Ap Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Kctvjeju Wireless Ap	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Fg Products Fgn R2 Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Fg Products Fgn R2	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hiwifi Max C300n Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Hiwifi Max C300n	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tbroad Gn 866ac Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Tbroad Gn 866ac	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Coship Emta Ap Firmwre	Up to 2019-12-12

Running on/with	Platform Versions
Coship Emta Ap	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Iodata Wn Ac1167r Firmwre	Up to 2019-12-12

Running on/with	Platform Versions
Iodata Wn Ac1167r	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hcn Max C300n Project Hcn Max C300n Firmware	Up to 2019-12-12

Running on/with	Platform Versions
Hcn Max C300n Project Hcn Max C300n	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Totolink N301rt Firmware	Up to 2.1.6

Running on/with	Platform Versions
Totolink N301rt	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (12)

http://opensource.actiontec.com/sourcecode/wcb3000x/wecb3000n_gpl_0.16.8.4.tgz

Source: cve@mitre.org

ExploitThird Party Advisory

http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2020/Jan/36

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2020/Jan/38

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

https://github.com/Saturn49/wecb/blob/755ce19a493c78270c04b5aaf39664f0cddbb420/rtl819x/users/boa/apmib/apmib.h#L13

Source: cve@mitre.org

Third Party Advisory

https://sploit.tech

Source: cve@mitre.org

Third Party Advisory

http://opensource.actiontec.com/sourcecode/wcb3000x/wecb3000n_gpl_0.16.8.4.tgz