CVE-2019-19823
Realtek SDK Information Disclosure / Code Execution
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.
Una determinada interfaz de administración de enrutador (que incluye Realtek APMIB versión 0.11f para Boa versión 0.94.14rc21), almacena contraseñas administrativas de texto sin cifrar en la memoria flash y en un archivo. Esto afecta a TOTOLINK A3002RU versiones hasta 2.0.0, A702R versiones hasta 2.1.3, N301RT versiones hasta 2.1.6, N302R versiones hasta 3.4.0, N300RT versiones hasta 3.4.0, N200RE versiones hasta 4.0.0, N150RT versiones hasta 3.4.0 y N100RE versiones hasta 3.4. 0; Rutek RTK 11N AP hasta el 12-12-2019; Sapido GR297n hasta el 12-12-2019; ROUTER CIK TELECOM MESH hasta 12-12-2019; KCTVJEJU Wireless AP hasta el 12-12-2019; Fibergate FGN-R2 hasta el 12-12-2019; Hi-Wifi MAX-C300N hasta el 12-12-2019; HCN MAX-C300N hasta el 12-12-2019; GN-866ac T-wide hasta el 12-12-2019; Coship EMTA AP hasta el 12-12-2019; y IO-Data WN-AC1167R hasta el 12-12-2019.
Realtek SDK based routers suffer from information disclosure, incorrect access control, insecure password storage, code execution, and incorrectly implemented CAPTCHA vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-16 CVE Reserved
- 2020-01-24 CVE Published
- 2024-01-03 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-522: Insufficiently Protected Credentials
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2020/Jan/36 | Mailing List |
|
| https://github.com/Saturn49/wecb/blob/755ce19a493c78270c04b5aaf39664f0cddbb420/rtl819x/users/boa/apmib/apmib.h#L13 | Third Party Advisory | |
| https://sploit.tech | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Totolink Search vendor "Totolink" | A3002ru Firmware Search vendor "Totolink" for product "A3002ru Firmware" | <= 2.0.0 Search vendor "Totolink" for product "A3002ru Firmware" and version " <= 2.0.0" | - |
Affected
| in | Totolink Search vendor "Totolink" | A3002ru Search vendor "Totolink" for product "A3002ru" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | A702r Firmware Search vendor "Totolink" for product "A702r Firmware" | <= 2.1.3 Search vendor "Totolink" for product "A702r Firmware" and version " <= 2.1.3" | - |
Affected
| in | Totolink Search vendor "Totolink" | A702r Search vendor "Totolink" for product "A702r" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | N302r Firmware Search vendor "Totolink" for product "N302r Firmware" | <= 3.4.0 Search vendor "Totolink" for product "N302r Firmware" and version " <= 3.4.0" | - |
Affected
| in | Totolink Search vendor "Totolink" | N302r Search vendor "Totolink" for product "N302r" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | N300rt Firmware Search vendor "Totolink" for product "N300rt Firmware" | <= 3.4.0 Search vendor "Totolink" for product "N300rt Firmware" and version " <= 3.4.0" | - |
Affected
| in | Totolink Search vendor "Totolink" | N300rt Search vendor "Totolink" for product "N300rt" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | N200re Firmware Search vendor "Totolink" for product "N200re Firmware" | <= 4.0.0 Search vendor "Totolink" for product "N200re Firmware" and version " <= 4.0.0" | - |
Affected
| in | Totolink Search vendor "Totolink" | N200re Search vendor "Totolink" for product "N200re" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | N150rt Firmware Search vendor "Totolink" for product "N150rt Firmware" | <= 3.4.0 Search vendor "Totolink" for product "N150rt Firmware" and version " <= 3.4.0" | - |
Affected
| in | Totolink Search vendor "Totolink" | N150rt Search vendor "Totolink" for product "N150rt" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | N100re Firmware Search vendor "Totolink" for product "N100re Firmware" | <= 3.4.0 Search vendor "Totolink" for product "N100re Firmware" and version " <= 3.4.0" | - |
Affected
| in | Totolink Search vendor "Totolink" | N100re Search vendor "Totolink" for product "N100re" | - | - |
Safe
|
| Realtek Search vendor "Realtek" | Rtk 11n Ap Firmware Search vendor "Realtek" for product "Rtk 11n Ap Firmware" | <= 2019-12-12 Search vendor "Realtek" for product "Rtk 11n Ap Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Realtek Search vendor "Realtek" | Rtk 11n Ap Search vendor "Realtek" for product "Rtk 11n Ap" | - | - |
Safe
|
| Sapido Search vendor "Sapido" | Gr297n Firmware Search vendor "Sapido" for product "Gr297n Firmware" | <= 2019-12-12 Search vendor "Sapido" for product "Gr297n Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Sapido Search vendor "Sapido" | Gr297n Search vendor "Sapido" for product "Gr297n" | - | - |
Safe
|
| Ciktel Search vendor "Ciktel" | Mesh Router Firmware Search vendor "Ciktel" for product "Mesh Router Firmware" | <= 2019-12-12 Search vendor "Ciktel" for product "Mesh Router Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Ciktel Search vendor "Ciktel" | Mesh Router Search vendor "Ciktel" for product "Mesh Router" | - | - |
Safe
|
| Kctvjeju Search vendor "Kctvjeju" | Wireless Ap Firmware Search vendor "Kctvjeju" for product "Wireless Ap Firmware" | <= 2019-12-12 Search vendor "Kctvjeju" for product "Wireless Ap Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Kctvjeju Search vendor "Kctvjeju" | Wireless Ap Search vendor "Kctvjeju" for product "Wireless Ap" | - | - |
Safe
|
| Fg-products Search vendor "Fg-products" | Fgn-r2 Firmware Search vendor "Fg-products" for product "Fgn-r2 Firmware" | <= 2019-12-12 Search vendor "Fg-products" for product "Fgn-r2 Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Fg-products Search vendor "Fg-products" | Fgn-r2 Search vendor "Fg-products" for product "Fgn-r2" | - | - |
Safe
|
| Hiwifi Search vendor "Hiwifi" | Max-c300n Firmware Search vendor "Hiwifi" for product "Max-c300n Firmware" | <= 2019-12-12 Search vendor "Hiwifi" for product "Max-c300n Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Hiwifi Search vendor "Hiwifi" | Max-c300n Search vendor "Hiwifi" for product "Max-c300n" | - | - |
Safe
|
| Tbroad Search vendor "Tbroad" | Gn-866ac Firmware Search vendor "Tbroad" for product "Gn-866ac Firmware" | <= 2019-12-12 Search vendor "Tbroad" for product "Gn-866ac Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Tbroad Search vendor "Tbroad" | Gn-866ac Search vendor "Tbroad" for product "Gn-866ac" | - | - |
Safe
|
| Coship Search vendor "Coship" | Emta Ap Firmwre Search vendor "Coship" for product "Emta Ap Firmwre" | <= 2019-12-12 Search vendor "Coship" for product "Emta Ap Firmwre" and version " <= 2019-12-12" | - |
Affected
| in | Coship Search vendor "Coship" | Emta Ap Search vendor "Coship" for product "Emta Ap" | - | - |
Safe
|
| Iodata Search vendor "Iodata" | Wn-ac1167r Firmwre Search vendor "Iodata" for product "Wn-ac1167r Firmwre" | <= 2019-12-12 Search vendor "Iodata" for product "Wn-ac1167r Firmwre" and version " <= 2019-12-12" | - |
Affected
| in | Iodata Search vendor "Iodata" | Wn-ac1167r Search vendor "Iodata" for product "Wn-ac1167r" | - | - |
Safe
|
| Hcn Max-c300n Project Search vendor "Hcn Max-c300n Project" | Hcn Max-c300n Firmware Search vendor "Hcn Max-c300n Project" for product "Hcn Max-c300n Firmware" | <= 2019-12-12 Search vendor "Hcn Max-c300n Project" for product "Hcn Max-c300n Firmware" and version " <= 2019-12-12" | - |
Affected
| in | Hcn Max-c300n Project Search vendor "Hcn Max-c300n Project" | Hcn Max-c300n Search vendor "Hcn Max-c300n Project" for product "Hcn Max-c300n" | - | - |
Safe
|
| Totolink Search vendor "Totolink" | N301rt Firmware Search vendor "Totolink" for product "N301rt Firmware" | <= 2.1.6 Search vendor "Totolink" for product "N301rt Firmware" and version " <= 2.1.6" | - |
Affected
| in | Totolink Search vendor "Totolink" | N301rt Search vendor "Totolink" for product "N301rt" | - | - |
Safe
|