A Cross-site scripting (XSS) vulnerability exists on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login.
intelbras win_240_firmware 1.1.0