CVE-2019-19824 Scanner
CVE-2019-19824 scanner - OS Command Injection vulnerability in various TOTOLINK Realtek SDK based routers
Short Info
Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 1 day
Scan only one: Domain, IPv4, Subdomain
Toolbox: -
TOTOLINK Realtek SDK based routers are popular networking devices used in homes, offices, and other areas where internet connectivity is needed. These routers offer various features such as WAN/LAN connectivity, wireless connectivity, firewalls, and others to help users connect to the internet with ease. The routers are known for their reliability and affordability, making them an ideal choice for many people.
However, a vulnerability was detected in these routers that allows an attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This vulnerability was assigned CVE-2019-19824, and it affects several models of TOTOLINK Realtek SDK based routers, including A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.
If exploited, this vulnerability can lead to full control over the affected device's internals. Attackers can use this access to steal data, manipulate the device's settings, or even carry out further attacks on other devices connected to the router. This can be particularly dangerous in cases where the router is used to connect to sensitive networks or when the connected devices store confidential data.
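For asset owners who capture HTTP traffic to the router's management interface, the following added example (not part of the original page or of the s4e.io scanner) flags any request that reaches the boafrm/formSysCmd URI with a sysCmd parameter, whether the parameter is in the query string or the body. The tab-separated log format, the sample records and the function names are assumptions made for illustration.

```python
from urllib.parse import parse_qs, unquote, urlsplit

TARGET_PATH = "/boafrm/formSysCmd"  # URI named in the CVE-2019-19824 description
TARGET_PARAM = "sysCmd"             # parameter named in the description

# Constructed sample records in an assumed tab-separated sensor format:
# timestamp, source IP, method, request URI, request body ("-" when empty).
SAMPLE_LOG = (
    "2024-01-05T10:00:01Z\t192.0.2.10\tGET\t/index.htm\t-\n"
    "2024-01-05T10:00:07Z\t198.51.100.7\tPOST\t/boafrm/formSysCmd\tsysCmd=PLACEHOLDER&x=1\n"
    "2024-01-05T10:00:09Z\t198.51.100.7\tGET\t/boafrm/formSysCmd?sysCmd=PLACEHOLDER\t-\n"
    "2024-01-05T10:00:12Z\t192.0.2.10\tPOST\t/boafrm/formOther\tsysCmd=PLACEHOLDER\n"
    "2024-01-05T10:00:15Z\t203.0.113.4\tPOST\t/boafrm/%66ormSysCmd\tsysCmd=PLACEHOLDER\n"
)


def parse_record(line):
    """Split one sensor line into named fields."""
    ts, src, method, uri, body = line.split("\t")
    return {"ts": ts, "src": src, "method": method, "uri": uri, "body": body}


def is_syscmd_request(rec):
    """True when the request targets formSysCmd and carries a sysCmd parameter."""
    parts = urlsplit(rec["uri"])
    # Decode percent-encoding so an encoded path does not slip past the match.
    if unquote(parts.path).rstrip("/") != TARGET_PATH:
        return False
    params = set(parse_qs(parts.query, keep_blank_values=True))
    if rec["body"] != "-":
        params |= set(parse_qs(rec["body"], keep_blank_values=True))
    return TARGET_PARAM in params


def find_hits(log_text):
    """Return (timestamp, source, method) for every matching record."""
    hits = []
    for line in log_text.splitlines():
        if line.strip():
            rec = parse_record(line)
            if is_syscmd_request(rec):
                hits.append((rec["ts"], rec["src"], rec["method"]))
    return hits


if __name__ == "__main__":
    for ts, src, method in find_hits(SAMPLE_LOG):
        print(f"{ts} {src} {method} request to {TARGET_PATH} with {TARGET_PARAM}")
```

Because the page notes that the endpoint responds even when syscmd.htm is not available, the check keys on the URI and parameter alone rather than on any preceding page load.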
Thanks to the pro features of the s4e.io platform, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. With real-time vulnerability alerts and customizable reporting, this platform provides an easy and effective way to stay ahead of security risks and keep digital assets secure.