CVE-2019-8985

high-risk
Published 2019-02-21

On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa.

Do I need to act?

!
71.8% chance of exploitation in next 30 days
EPSS score — higher than 28% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (2)

Wf2880 Firmware

Affected Vendors

Netis-Systems

References (2)

Exploit https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/netis/buffer%20o...
Exploit https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/netis/buffer%20o...
58
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 19/34 · Moderate
Exposure 7/34 · Low