Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelbras vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-20004
An issue exists on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
Intelbras Iwr 3000n Firmware 1.8.7
8.1
CVSSv3
CVE-2018-12455
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an malicious user to authenticate in the web interface just by using "admin:" as the name of a cookie.
Intelbras Nplug Firmware 1.0.0.14
8.8
CVSSv3
CVE-2018-12456
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing malicious users to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
Intelbras Nplug Firmware 1.0.0.14
7.5
CVSSv3
CVE-2019-19142
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI.
Intelbras Wrn 240 Firmware 2.0.0
1 EDB exploit
8.8
CVSSv3
CVE-2019-11414
An issue exists on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
Intelbras Iwr 3000n Firmware 1.5.0
6.5
CVSSv3
CVE-2019-19516
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
Intelbras Wrn 150 Firmware 1.0.18
1 EDB exploit
7.5
CVSSv3
CVE-2019-19996
An issue exists on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote malicious users to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.
Intelbras Iwr 3000n Firmware 1.8.7
9.8
CVSSv3
CVE-2019-17600
Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled.
Intelbras Iwr 1000n Firmware 1.6.4
9.8
CVSSv3
CVE-2017-14942
Intelbras WRN 150 devices allow remote malicious users to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
Intelbras Wrn 150 Firmware 1.0.1
1 Github repository
9.8
CVSSv3
CVE-2018-10369
A Cross-site scripting (XSS) vulnerability exists on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login.
Intelbras Win 240 Firmware 1.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »