An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
8.8CVSS
8.7AI Score
0.002EPSS
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the ""} string to v1/system/login.
7.5CVSS
7.3AI Score
0.036EPSS
A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
8.8CVSS
8.7AI Score
0.007EPSS
Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.
7.2CVSS
8.3AI Score
0.008EPSS
A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the ""} string to v1/system/login.
7.5CVSS
7.4AI Score
0.002EPSS
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
8.8CVSS
8.7AI Score
0.002EPSS