Cross-Site Request Forgery Vulnerability in Netis WF2419 Devices
CVE-2018-6391

8.8HIGH

Key Information:

Vendor: Netis-systems
Status: Wf2419 Firmware
Vendor: CVE Published:; 3 October 2022

🔔 Create Netis-systems Vulnerability Alert

What is CVE-2018-6391?

A cross-site request forgery vulnerability has been identified in the Netis WF2419 devices running firmware version V2.2.36123. This flaw enables a remote attacker to exploit the device, allowing unauthorized deletion of Address Reservation List settings. By tricking a user into executing a malicious request, an attacker can make changes to the router's configuration without their consent. This vulnerability highlights the importance of securing network devices and protecting users from unauthorized actions.