cbcvebase.
CVE-2019-16313
published 2019-09-14

CVE-2019-16313: ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML source code.

Priority: P264 · high · 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 47.03% (98.7th percentile)
Affected

5 ranges

Vendor | Product | Version range | Fixed in
ifw8 | fr5-e_firmware | |
ifw8 | fr5_firmware | |
ifw8 | fr6-s_firmware | |
ifw8 | fr6_firmware | |
ifw8 | fr8_firmware | |

Detection & IOCs (extracted from sources)

path: /action/usermanager.htm
  • Send an unauthenticated HTTP GET request to /action/usermanager.htm on the target device; a 200 response whose body contains credential data (masked as the asterisk pattern '******') confirms exploitation.
  • Match HTTP response body with regex '\*\*\*\*\*\*' to detect exposed credential fields in the HTML source of the user manager page.
  • Confirm vulnerability by checking for HTTP 200 status code alongside the credential pattern match in the response body.
  • The vulnerability is unauthenticated (no credentials required) and network-accessible, affecting ifw8 Router ROM v4.31 (CPE: cpe:2.3:o:ifw8:fr6_firmware:4.31).
  • Only a single HTTP request is needed to confirm credential disclosure; max-request is 1.

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N