Lucene search
+L

575 matches found

cve
cve
added 2019/04/21 7:38 p.m.68 views

CVE-2019-11416

Intelbras IWR 3000N (firmware 1.5.0) is affected by a CSRF vulnerability that allows an attacker with network access to gain complete router control via v1/system/user. Root cause is a CSRF weakness enabling unauthorized configuration changes without proper authorization. Impact per sources is hi...

9.3CVSS8.7AI score0.0389EPSS
Exploits5References3Affected Software1
cvelist
cvelist
added 2019/04/21 7:38 p.m.62 views

CVE-2019-11416

A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user...

8.8AI score0.0389EPSS
Exploits5References3
cve
cve
added 2019/04/21 7:38 p.m.67 views

CVE-2019-11415

CVE-2019-11415 affects Intelbras IWR 3000N devices (firmware 1.5.0). A malformed login request leads to remote denial of service (reboot) via JSON misparsing of the "}" string to v1/system/login. Impact: availability (HIGH). Remediation: upgrade to iwr-3000n-1.8.7_0 per advisories; PoC/exploit re...

7.8CVSS7.3AI score0.13743EPSS
Exploits5References3Affected Software1
cve
cve
added 2019/04/21 7:38 p.m.44 views

CVE-2019-11414

CVE-2019-11414 affects Intelbras IWR 3000N devices running 1.5.0. The issue: when the administrator password is changed from a specific client IP address, administrative authorization remains available to any client at that IP, allowing complete control of the router. Root cause and detailed mech...

8.8CVSS8.7AI score0.01324EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2019/04/21 7:38 p.m.20 views

CVE-2019-11414

An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router...

8.8AI score0.01324EPSS
Exploits1References1
openvas
openvas
added 2018/11/29 12:0 a.m.39 views

Intelbras NCLOUD 300 Router Default Credentials (Telnet)

Intelbras NCLOUD 300 Router have a default telnet password set. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References1
openvas
openvas
added 2018/11/29 12:0 a.m.14 views

Intelbras NCLOUD Devices Detection (HTTP)

HTTP based detection of Intelbras NCLOUD devices. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:embedthis:goahead"; ifdescripti...

7.4AI score
Exploits0References1
cnvd
cnvd
added 2018/10/12 12:0 a.m.5 views

Intelbras NPLUG Cross-Site Scripting Vulnerability

Intelbras NPLUG is a wireless relay device from Intelbras Poland. A cross-site scripting vulnerability exists in Intelbras NPLUG version 1.0.0.14. The vulnerability can be exploited by remote attackers to inject arbitrary web script or HTML via a specially crafted SSID...

6.1CVSS5.9AI score0.00675EPSS
Exploits3References1
cnvd
cnvd
added 2018/10/12 12:0 a.m.4 views

Intelbras NPLUG License Issue Vulnerability

Intelbras NPLUG is a wireless relay device from Intelbras Poland. Intelbras NPLUG is vulnerable to an authorization issue. An attacker could exploit this vulnerability to bypass authentication...

9.3CVSS6.9AI score0.05867EPSS
Exploits3References1
osv
osv
added 2018/10/10 9:29 p.m.5 views

CVE-2018-17337

Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast...

6.1CVSS5.8AI score0.00675EPSS
Exploits3References1
nvd
nvd
added 2018/10/10 9:29 p.m.18 views

CVE-2018-17337

Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast...

6.1CVSS6AI score0.00675EPSS
Exploits3References1
nvd
nvd
added 2018/10/10 9:29 p.m.19 views

CVE-2018-12456

Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access...

8.8CVSS8.8AI score0.00889EPSS
Exploits3References1
nvd
nvd
added 2018/10/10 9:29 p.m.20 views

CVE-2018-12455

Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie...

9.3CVSS8.1AI score0.05867EPSS
Exploits3References1
osv
osv
added 2018/10/10 9:29 p.m.5 views

CVE-2018-12455

Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie...

8.1CVSS5.8AI score0.05867EPSS
Exploits3References1
prion
prion
added 2018/10/10 9:29 p.m.20 views

Cross site request forgery (csrf)

Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access...

6.8CVSS8.7AI score0.00889EPSS
Exploits3References1Affected Software1
prion
prion
added 2018/10/10 9:29 p.m.15 views

Design/Logic Flaw

Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast...

4.3CVSS5.9AI score0.00675EPSS
Exploits3References1Affected Software1
prion
prion
added 2018/10/10 9:29 p.m.18 views

Spoofing

Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie...

9.3CVSS7.9AI score0.05867EPSS
Exploits3References1Affected Software1
cvelist
cvelist
added 2018/10/10 9:0 p.m.27 views

CVE-2018-12456

Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access...

8.8AI score0.00889EPSS
Exploits3References1
cve
cve
added 2018/10/10 9:0 p.m.70 views

CVE-2018-12455

CVE-2018-12455 affects Intelbras NPLUG 1.0.0.14. The NPLUG device is vulnerable to authentication bypass via a cookie named "admin:", enabling unauthenticated access to the web interface and risking exposure of credentials and configuration. Connected sources (Nuclei template, CNVD/CVE lists, and...

9.3CVSS7.9AI score0.05867EPSS
Exploits3References1Affected Software1
cve
cve
added 2018/10/10 9:0 p.m.47 views

CVE-2018-12456

Vulnerability summary (CVE-2018-12456): Intelbras NPLUG 1.0.0.14 wireless repeater web interface lacks CSRF token protection, enabling a CSRF-based attack that can modify the SSID, reboot the device, edit the access control list, or activate remote access. The CNVD entry confirms the CSRF vulnera...

8.8CVSS8.7AI score0.00889EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder