CVE-2018-6190
published 2018-01-24CVE-2018-6190: Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.
PriorityP431medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
EXPLOIT
EPSS
1.61%
72.9th percentile
Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netis-systems | wf2419_firmware | — | — |
CVSS provenance
nvdv3.05.4MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
D-Link Routers - Directory Traversal
exploitdb·2018-10-12·CVSS 7.5
CVE-2018-10822 [HIGH] D-Link Routers - Directory Traversal
D-Link Routers - Directory Traversal
---
Directory Traversal
CVE: CVE-2018-10822
CVSS v3: 8.6
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Description: Directory traversal vulnerability in the web interface on D-Link routers:
DWR-116 through 1.06,
DIR-140L through 1.02,
DIR-640L through 1.02,
DWR-512 through 2.02,
DWR-712 through 2.02,
DWR-912 through 2.02,
DWR-921 through 2.02,
DWR-111 through 1.01,
and probably others with the same type of firmware
allows remote attackers to read arbitrary files via a /.. or // after “GET /uir” in an HTTP request.
NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-6190.
PoC:
`$ curl http://routerip/uir//etc/passwd`
The vulnerability can be used retrieve administrative password using the other disclosed vulnerability - CVE-2018-10824.
Exploit-DB
Netis WF2419 Router - Cross-Site Scripting
exploitdb·2018-02-05·CVSS 5.4
CVE-2018-6190 [MEDIUM] Netis WF2419 Router - Cross-Site Scripting
Netis WF2419 Router - Cross-Site Scripting
---
# Exploit Title: Netis-WF2419 HTML Injection
# Date: 20/01/2018
# Exploit Author: Sajibe Kanti
# Author Contact :https://twitter.com/@sajibekantibd
# Vendor Homepage: http://www.netis-systems.com/
# Version: Netis-WF2419 , V3.2.41381
# Tested on: Windows 10
# CEV : CVE-2018-6190
HTML Injection in Netis-WF2419
Netis-WF2419 is prone to an HTML-injection vulnerability because it fails
to sufficiently sanitize user-supplied data.
Attacker-supplied HTML or script code could run in the context of the
affected site, potentially allowing the attacker to steal cookie-based
authentication credentials and control how the site is rendered to the
user; other attacks are also possible.
Netis-WF2419 is vulnerable;
Proof of Concept:
1. Go to your w
No writeups or analysis indexed.
2018-01-24
Published