Published: 22/04/2019 Updated: 06/05/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A CSRF issue exists on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
intelbras iwr_3000n_firmware 1.5.0

<!-- PoC based on CVE-2019-11416 created by Social Engineering Neo Credit: 1337zone/2019/04/08/intelbras-iwr-3000n-1-5-0-csrf-lead-to-router-takeover/ Due to inexistent authorization on router API on authenticated IP addresses, an attacker can use this weak spot to change router configurations and take the current admini ...

Intelbras IWR 3000N version 150 proof of concept cross site request forgery exploit ...

CWE-352 https://1.337.zone/2019/04/08/intelbras-iwr-3000n-1-5-0-csrf-lead-to-router-takeover/https://www.exploit-db.com/exploits/46770/http://packetstormsecurity.com/files/152682/Intelbras-IWR-3000N-1.5.0-Cross-Site-Request-Forgery.html https://nvd.nist.gov https://www.exploit-db.com/exploits/46770

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-11416

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect