Vulnerabilities > Intelbras
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-02 | CVE-2019-19516 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras WRN 150 Firmware 1.0.18 Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password. | 4.3 |
| 2019-11-07 | CVE-2019-17222 | Cross-site Scripting vulnerability in Intelbras WRN 150 Firmware 1.0.17 An issue was discovered on Intelbras WRN 150 1.0.17 devices. | 4.3 |
| 2019-10-15 | CVE-2019-17600 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 1000N Firmware 1.6.4 Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled. | 10.0 |
| 2019-04-22 | CVE-2019-11416 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 3000N Firmware 1.5.0 A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user. | 9.3 |
| 2019-04-22 | CVE-2019-11415 | Unspecified vulnerability in Intelbras IWR 3000N Firmware 1.5.0 An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. | 7.8 |
| 2019-04-22 | CVE-2019-11414 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Intelbras IWR 3000N Firmware 1.5.0 An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. | 4.3 |
| 2018-10-10 | CVE-2018-17337 | Cross-site Scripting vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast. | 4.3 |
| 2018-10-10 | CVE-2018-12456 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access. | 6.8 |
| 2018-10-10 | CVE-2018-12455 | Improper Authentication vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie. | 9.3 |
| 2018-08-15 | CVE-2018-10369 | Cross-site Scripting vulnerability in Intelbras WIN 240 Firmware 1.1.0 A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. | 9.8 |