CVE-2019-19823
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-19823
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
TotoLink A3002RU 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TotoLink A3002RU是中国台湾吉翁电子(TotoLink)公司的一款无线路由器产品。 多款TotoLink产品中存在安全漏洞,该漏洞源于程序将明文管理密码存储在闪存和文件中。远程攻击者可借助特制请求利用该漏洞获取用户凭据,并发起进一步的攻击。以下产品及版本受到影响:TotoLink A3002RU 2.0.0及之前版本;A702R 2.1.3及之前版本;N301RT 2.1.6及之前版本;N302R 3.4.0及之前版本;N300RT 3.4.0及之前版本;N200RE 4.0.0及之前版本;
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2019-19823
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | A certain router administration interface using Realtek APMIB (e.g., on TOTOLINK models) allows unauthenticated remote attackers to disclose the entire router configuration, including sensitive credentials, via accessing the "config.dat" file. Affected devices include TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, N100RE through 3.4.0, and other Realtek SDK-based devices. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-19823.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-19823
请登录查看更多情报信息。
Same Patch Batch · n/a · 2020-01-27 · 75 CVEs total
| CVE-2019-11318 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2019-20441 | WSO2 API Manager 跨站脚本漏洞 | |
| CVE-2020-8087 | SMC Networks D3G0804W 安全漏洞 | |
| CVE-2014-8563 | Zimbra Collaboration Suite 操作系统命令注入漏洞 | |
| CVE-2019-8945 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2019-8946 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2019-8947 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2018-19441 | Neato Robotics Neato Botvac Connected 安全特征问题漏洞 | |
| CVE-2015-2249 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2014-5500 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2020-8088 | UseBB 安全漏洞 | |
| CVE-2019-12427 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2019-15313 | Zimbra Collaboration Suite 跨站脚本漏洞 | |
| CVE-2019-19143 | TP-LINK TL-WR849N 访问控制错误漏洞 | |
| CVE-2019-19539 | 多款HPE产品安全漏洞 | |
| CVE-2014-3979 | Bytemark Symbiosis 安全漏洞 | |
| CVE-2019-19822 | 多款TotoLink产品访问控制错误漏洞 | |
| CVE-2013-4770 | Eucalyptus Management Console 跨站脚本漏洞 | |
| CVE-2013-7390 | ZOHO ManageEngine DesktopCentral 代码问题漏洞 | |
| CVE-2014-8741 | Lexmark MarkVision Enterprise 路径遍历漏洞 |
Showing top 20 of 75 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2019-19823
No comments yet