Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2017-14942

Published: 30/09/2017 Updated: 14/02/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Wrn 150 Firmware

Vulnerability Summary

Intelbras WRN 150 devices allow remote malicious users to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

intelbras wrn_150_firmware 1.0.1

Github Repositories

https://github.com/dumitory-dev/CVE-2020-35391-POC

Tenda N300 Authentication Bypass via Malformed HTTP Request Header

Welcome to CVE-2020-35391-POC 👋 Tenda N300 Authentication Bypass via Malformed HTTP Request Header Python POC Tenda N300 F3 12010148 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfmcfg, a related issue to CVE-2017-14942 NOTE

References

CWE-552https://www.exploit-db.com/exploits/42916/http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.htmlhttps://nvd.nist.govhttps://github.com/dumitory-dev/CVE-2020-35391-POC
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook