575 matches found
CVE-2018-17337
Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast...
CVE-2018-12455
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie...
CVE-2018-17337
CVE-2018-17337 affects Intelbras NPLUG 1.0.0.14. The connected documents confirm a cross-site scripting (XSS) vulnerability that can be triggered by a specially crafted SSID received over a network broadcast. The root cause is the handling of SSID data leading to script/HTML injection. The report...
NPLUG Wireless Repeater 1.0.0.14 CSRF / XSS / Authentication Bypass
===== Tempest Security Intelligence ===================================== Multiple vulnerabilities in NPLUG wireless repeater CVE-2018-12455: Authentication bypass CVE-2018-12456: Multiple CSRF CVE-2018-17337: XSS via SSID ------------------------------------------------------- Author: - Patrick...
Intelbras Win 240 Cross-Site Scripting Vulnerability
The Intelbras Win 240 is a wireless router from Intelbras Brazil. A cross-site scripting vulnerability exists in Intelbras Win 240 version 1.1.0. A remote attacker can exploit the vulnerability to change the Admin password...
CVE-2018-10369
A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...
Cross site scripting
A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...
CVE-2018-10369
A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...
CVE-2018-10369
A Cross-site scripting XSS vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login...
CVE-2018-10369
CVE-2018-10369 affects Intelbras Win 240 router (V1.1.0). The vulnerability is a Cross‑Site Scripting (XSS) flaw in the device’s web interface that allows an attacker to change the Admin password without authentication. Multiple sources (NVD, CNVD, PRION, CVE list) corroborate the XSS impact on I...
Intelbras NCLOUD 300 Router Authentication Bypass Vulnerability
The authentication in Intelbras NCLOUD 300 Routers can be bypassed. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Intelbras NCLOUD 300 1.0 Authentication Bypass
coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link: http://www.intelbras.com.br/empresarial/wi-fi/para-sua-casa/roteadores/ncloud Version: 1.0 Test...
Intelbras NCLOUD 300 1.0 - Authentication bypass Exploit
Exploit for hardware platform in category web applications coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - email protected Vendor Homepage: http://www.intelbras.com.br/ Software Link:...
Intelbras NCLOUD 300 1.0 - Authentication bypass
Intelbras NCLOUD 300 1.0 - Authentication bypass coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link:...
Intelbras NCLOUD 300 1.0 - Authentication bypass
coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link: http://www.intelbras.com.br/empresarial/wi-fi/para-sua-casa/roteadores/ncloud Version: 1.0 Test...
CVE-2018-11094
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and...
CVE-2018-11094
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and...
Authentication flaw
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and...
CVE-2018-11094
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and...
CVE-2018-11094
CVE-2018-11094 — Intelbras NCLOUD 300 1.0 Authentication bypass . Public sources describe endpoints that do not require authentication: /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings. An HTTP POST to /cgi-bin/ExportSettings.sh can disclose the we...