CNNVD-202508-2056 Information
Aug 18, 2025
cve
CNNVD ID
CNNVD-202508-2056
Related CVE
- CNNVD Published: 2025-08-18
Description (Chinese)
Netis WF2419是中国天旦(Netis)公司的一款路由器。 Netis WF2419 1.2.29433版本存在代码注入漏洞,该漏洞源于Wireless Settings Page未对SSID参数进行过滤,远程攻击者可触发跨站脚本攻击。
Description (English)
Netis WF2419 is a router for Netis. Netis WF2419 1.2.29433 has a code-injection loophole, which stems from the fact that Wireless Settings Page does not filter SID parameters and that a remote attacker can trigger a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
天旦
Published
2025-08-18
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.320456 https://vuldb.com/?submit.628410 https://vuldb.com/?id.320456 https://nvd.nist.gov/vuln/detail/CVE-2025-9119
Patch
https://www.netis-systems.com/support/downinfo.html?id=64
Share on: