Vulnerabilities > Intelbras > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-15 | CVE-2019-17600 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 1000N Firmware 1.6.4 Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled. | 10.0 |
| 2019-04-22 | CVE-2019-11416 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 3000N Firmware 1.5.0 A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user. | 9.3 |
| 2018-10-10 | CVE-2018-12455 | Improper Authentication vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie. | 9.3 |
| 2018-08-15 | CVE-2018-10369 | Cross-site Scripting vulnerability in Intelbras WIN 240 Firmware 1.1.0 A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. | 9.8 |
| 2018-05-15 | CVE-2018-11094 | Use of Hard-coded Credentials vulnerability in Intelbras Ncloud 300 Firmware 1.0 An issue was discovered on Intelbras NCLOUD 300 1.0 devices. | 10.0 |
| 2017-09-30 | CVE-2017-14942 | Files or Directories Accessible to External Parties vulnerability in Intelbras WRN 150 Firmware 1.0.1 Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie. | 9.8 |