Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-8985 PoC — Netis WF2880和WF2411 缓冲区错误漏洞

Source
https://github.com/Squirre17/CVE-2019-8985
Associated Vulnerability
Title:Netis WF2880和WF2411 缓冲区错误漏洞 (CVE-2019-8985)
Description:On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa.
Description
CVE–2019–8985 Netis WF2411 RCE
Readme
firmware and exp for CVE–2019–8985 Netis WF2411 RCE study
:)
File Snapshot

 [4.0K]  /data/pocs/1710653a69f1aa2b3917c35a4610c8160f09dab1
├── [1.2K]  exp.py
├── [2.6M]  fw.bin
├── [ 534]  malware.c
├── [1.3K]  newexp.py
└── [  65]  README.md

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →