Vulnerabilities > Netis Systems > Wf2419 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-07 | CVE-2019-19356 | OS Command Injection vulnerability in Netis-Systems Wf2419 Firmware 1.2.31805/2.2.36123 Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. | 8.5 |
| 2018-01-29 | CVE-2018-6391 | Cross-Site Request Forgery (CSRF) vulnerability in Netis-Systems Wf2419 Firmware 2.2.36123 A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. | 6.8 |
| 2018-01-25 | CVE-2018-5967 | Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 2.2.36123 Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page. | 3.5 |
| 2018-01-24 | CVE-2018-6190 | Cross-site Scripting vulnerability in Netis-Systems Wf2419 Firmware 3.2.41381 Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page. | 3.5 |