Vulnerabilities > Intelbras

DATE CVE VULNERABILITY TITLE RISK
2020-11-27 CVE-2020-12262 Cross-Site Scripting vulnerability in Intelbras products
Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS.
network
intelbras CWE-79
3.5
2020-11-26 CVE-2020-13886 Path Traversal vulnerability in Intelbras products
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal.
network
low complexity
intelbras CWE-22
5.0
2020-05-05 CVE-2020-8829 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras CIP 92200 Firmware
CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis.
network
intelbras CWE-352
6.8
2020-05-05 CVE-2019-19517 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Action RF 1200 Firmware 1.1.3
Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process.
network
intelbras CWE-352
6.8
2020-01-17 CVE-2019-19142 Missing Authentication FOR Critical Function vulnerability in Intelbras WRN 240 Firmware 2.0.0
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI.
network
low complexity
intelbras CWE-306
5.0
2020-01-05 CVE-2019-20004 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Intelbras IWR 3000N Firmware 1.8.7
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices.
network
intelbras CWE-640
4.3
2019-12-26 CVE-2019-19996 Improper Input Validation vulnerability in Intelbras IWR 3000N Firmware 1.8.7
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices.
network
low complexity
intelbras CWE-20
7.8
2019-12-26 CVE-2019-19995 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 3000N Firmware 1.8.7
A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.
network
intelbras CWE-352
critical
9.3
2019-12-05 CVE-2019-19007 Information Exposure vulnerability in Intelbras IWR 3000N Firmware 1.8.7
Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.
network
low complexity
intelbras CWE-200
critical
9.0
2019-12-02 CVE-2019-19516 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras WRN 150 Firmware 1.0.18
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
network
intelbras CWE-352
4.3