6 matches found
Intelbras WRN 150 - Authentication Bypass
Intelbras WRN 150 router is vulnerable to authentication bypass through cookie manipulation. An attacker can bypass authentication and download the router configuration file by manipulating the admin:language cookie. id: CVE-2017-14942 info: name: Intelbras WRN 150 - Authentication Bypass author:...
CVE-2017-14942
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie...
CVE-2017-14942
creationtimestamp| type| source ---|---|--- 2021-01-01 12:32:40+00:00| seen| https://t.me/cibsecurity/21508 2025-06-03 12:57:32+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-14942.yaml 2025-06-04 21:02:21+00:00| seen|...
CVE-2020-35391
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information possibly including an httppasswd line via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must b...
Design/Logic Flaw
Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information possibly including an httppasswd line via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must b...
CVE-2017-14942
CVE-2017-14942 affects the Intelbras WRN 150 router. The issue is an authentication bypass via cookie manipulation: an attacker can force a direct request to cgi-bin/DownloadCfg/RouterCfm.cfg using an admin:language cookie to read the router’s configuration file. This exposes credentials and sens...