CVE-2019-19824

CWE-78 — OS Command Injection7 documents7 sources

Severity

8.8HIGH

EPSS

90.2%

top 0.41%

CISA KEV

Not in KEV

Exploit

Exploited in wild

Active exploitation observed

Affected products

Totolink A3002ru Firmware Totolink A702r Firmware Totolink N100re Firmware +5 more

Timeline

PublishedJan 27

Latest updateMay 24

Description

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, N100RE through 3.4.0, and N302RE 2.0.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages8 packages

▶NVDtotolink/a702r_firmware2.1.3

▶NVDtotolink/n302r_firmware3.4.0

▶NVDtotolink/n100re_firmware3.4.0

▶NVDtotolink/n150rt_firmware3.4.0

▶NVDtotolink/n200re_firmware4.0.0

🔴Vulnerability Details

GHSA

GHSA-mrf4-89gh-pm62: On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/form↗2022-05-24

▶

CVEList

CVE-2019-19824: On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/form↗2020-01-27

▶

OSV

linux-hwe, linux-azure vulnerabilities↗2019-04-02

▶

VulnCheck

totolink a3002ru Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')↗2019

▶

💥Exploits & PoCs

Nuclei

TOTOLINK Realtek SD Routers - Remote Command Injection

▶

🔍Detection Rules

Suricata

ET EXPLOIT TOTOLINK Realtek SDK RCE (CVE-2019-19824)↗2022-02-23

▶