Vulnerabilities > Intelbras

DATE CVE VULNERABILITY TITLE RISK
2019-04-22 CVE-2019-11416 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 3000N Firmware 1.5.0
A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
network
intelbras CWE-352
critical
9.3
2019-04-22 CVE-2019-11415 Unspecified vulnerability in Intelbras IWR 3000N Firmware 1.5.0
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices.
network
low complexity
intelbras
7.8
2019-04-22 CVE-2019-11414 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Intelbras IWR 3000N Firmware 1.5.0
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices.
network
intelbras CWE-640
4.3
2018-10-10 CVE-2018-17337 Cross-site Scripting vulnerability in Intelbras Nplug Firmware 1.0.0.14
Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast.
network
intelbras CWE-79
4.3
2018-10-10 CVE-2018-12456 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Nplug Firmware 1.0.0.14
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
network
intelbras CWE-352
6.8
2018-10-10 CVE-2018-12455 Improper Authentication vulnerability in Intelbras Nplug Firmware 1.0.0.14
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie.
network
intelbras CWE-287
critical
9.3
2018-08-15 CVE-2018-10369 Cross-site Scripting vulnerability in Intelbras WIN 240 Firmware 1.1.0
A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices.
network
low complexity
intelbras CWE-79
critical
9.8
2018-05-15 CVE-2018-11094 Use of Hard-coded Credentials vulnerability in Intelbras Ncloud 300 Firmware 1.0
An issue was discovered on Intelbras NCLOUD 300 1.0 devices.
network
low complexity
intelbras CWE-798
critical
10.0
2018-03-25 CVE-2018-9010 Path Traversal vulnerability in Intelbras Tip200 Firmware and Tip200Lite Firmware
Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal.
network
low complexity
intelbras CWE-22
4.0
2017-09-30 CVE-2017-14942 Files or Directories Accessible to External Parties vulnerability in Intelbras WRN 150 Firmware 1.0.1
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
network
low complexity
intelbras CWE-552
critical
9.8