| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| Realtek SDK Information Disclosure / Code Execution Exploit | 27 Jan 202000:00 | – | zdt | |
| CVE-2019-19822 | 20 Nov 202511:49 | – | circl | |
| CVE-2019-19822 | 27 Jan 202017:55 | – | cve | |
| CVE-2019-19822 | 27 Jan 202017:55 | – | cvelist | |
| EUVD-2019-9420 | 7 Oct 202500:30 | – | euvd | |
| TOTOLINK/Realtek Routers - Information Disclosure | 6 Jul 202603:02 | – | nuclei | |
| CVE-2019-19822 | 27 Jan 202018:15 | – | nvd | |
| CVE-2019-19822 | 27 Jan 202018:15 | – | osv | |
| Realtek SDK Information Disclosure / Code Execution | 24 Jan 202000:00 | – | packetstorm | |
| Code injection | 27 Jan 202018:15 | – | prion |
id: CVE-2019-19822
info:
name: TOTOLINK/Realtek Routers - Information Disclosure
author: ritikchaddha
severity: high
description: |
A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows unauthenticated remote attackers to disclose the entire router configuration, including sensitive credentials, via accessing the "config.dat" file. Affected devices include TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, N100RE through 3.4.0, and other Realtek SDK-based devices.
impact: |
Unauthenticated attackers can retrieve the entire router configuration including Wi-Fi passwords, admin credentials, and network settings, enabling complete network takeover.
remediation: |
Upgrade to firmware versions beyond those listed as vulnerable, or replace affected devices with patched alternatives.
reference:
- http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html
- https://nvd.nist.gov/vuln/detail/CVE-2019-19822
classification:
cve-id: CVE-2019-19822
epss-score: 0.08669
epss-percentile: 0.94474
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-306
metadata:
verified: true
max-requests: 1
vendor: totolink
fofa-query: title="totolink"
tags: cve,cve2019,totolink,realtek,information-disclosure,config,boa
http:
- method: GET
path:
- "{{BaseURL}}/config.dat"
matchers:
- type: dsl
dsl:
- 'contains(content_type, "text/plain")'
- 'contains(to_lower(server), "boa")'
- 'contains(accept_ranges, "bytes")'
- 'status_code == 200'
condition: and
# digest: 4a0a00473045022100ce8be829e98606cb542aa857f2f923e5b307a5aa211c0fb1385866365dfdac0b02205f4ad2424ef1d9617c4dffbb7f555c76c007d27534b1590b5b109a8a311914cf:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation