Vulnerabilities (CVE)

Vendor filter

Intelbras Subscribe

Filter

7 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17600 1 Intelbras 1 Iwr 1000n Firmware 2019-10-15 10.0
Intelbras IWR 1000N 1.6.4 devices allows disclosure of the administrator login name and password because v1/system/user is mishandled.
CVE-2018-10369 1 Intelbras 1 Win 240 Firmware 2019-10-03 10.0
A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login.
CVE-2017-14942 1 Intelbras 1 Wrn 150 Firmware 2019-10-03 7.5
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
CVE-2019-11415 1 Intelbras 1 Iwr 3000n Firmware 2019-05-10 7.8
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.
CVE-2019-11416 1 Intelbras 1 Iwr 3000n Firmware 2019-05-06 9.3
A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
CVE-2018-12455 1 Intelbras 1 Nplug Firmware 2018-11-28 9.3
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie.
CVE-2018-11094 1 Intelbras 1 Ncloud 300 Firmware 2018-06-22 10.0
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to...