Netis Systems WF2419 Firmware 2.2.36123

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:o:netis-systems:wf2419_firmware:2.2.36123:*:*:*:*:*:*:*

part: o version: 2.2.36123 update: *

VendorNetis Systems (672828a5-2e28-5c8f-b339-4984bcfc4393)
ProductWf2419 Firmware (4230317e-f33a-565f-9d0f-9616b1d8c72a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-19356 vulnerable 2026-06-03 14:40:04.546908 Details available
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.
Published: 2020-02-07T22:49:07.000Z
Updated: 2025-10-21T23:35:51.944Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-6391 vulnerable 2026-06-03 14:39:00.224750 Details available
A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings.
Published: 2018-01-29T19:00:00.000Z
Updated: 2024-09-17T01:51:50.686Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-5967 vulnerable 2026-06-03 14:38:59.747161 Details available
Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page.
Published: 2018-01-25T08:00:00.000Z
Updated: 2024-08-05T05:47:56.176Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.