Search criteria
9 vulnerabilities found for wrn_150_firmware by intelbras
FKIE_CVE-2019-19516
Vulnerability from fkie_nvd - Published: 2019-12-02 23:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/47545 | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/47545 | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intelbras | wrn_150_firmware | 1.0.18 | |
| intelbras | wrn_150 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intelbras:wrn_150_firmware:1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "681A88BD-6414-4786-B81A-17FAC5EB87DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57C63D22-FBFB-4371-9A9B-6FE7D10DF2DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password."
},
{
"lang": "es",
"value": "Los dispositivos Intelbras WRN 150 versi\u00f3n 1.0.18, permiten una ataque de tipo CSRF por medio del archivo GO=system_password.asp en el URI goform/SysToolChangePwd para cambiar una contrase\u00f1a."
}
],
"id": "CVE-2019-19516",
"lastModified": "2024-11-21T04:34:52.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-02T23:15:11.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/47545"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-17222
Vulnerability from fkie_nvd - Published: 2019-11-07 16:15 - Updated: 2024-11-21 04:31
Severity ?
Summary
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.youtube.com/watch?v=e3sozdDExTM | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.youtube.com/watch?v=e3sozdDExTM | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intelbras | wrn_150_firmware | 1.0.17 | |
| intelbras | wrn_150 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intelbras:wrn_150_firmware:1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "37655CDB-2465-49C4-BB23-FA143A886D10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57C63D22-FBFB-4371-9A9B-6FE7D10DF2DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration)."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en los dispositivos Intelbras WRN versi\u00f3n 150 1.0.17. Se presenta una vulnerabilidad de tipo XSS almacenado en la pesta\u00f1a Service Name de la pantalla de configuraci\u00f3n WAN, conllevando a una denegaci\u00f3n de servicio (incapacidad para cambiar la configuraci\u00f3n)."
}
],
"id": "CVE-2019-17222",
"lastModified": "2024-11-21T04:31:53.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-07T16:15:11.017",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-14942
Vulnerability from fkie_nvd - Published: 2017-09-30 01:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html | Exploit, URL Repurposed | |
| cve@mitre.org | https://www.exploit-db.com/exploits/42916/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html | Exploit, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42916/ | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intelbras | wrn_150_firmware | 1.0.1 | |
| intelbras | wrn_150 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intelbras:wrn_150_firmware:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6AF4-F93F-4130-8974-0AB5F9310C35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57C63D22-FBFB-4371-9A9B-6FE7D10DF2DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie."
},
{
"lang": "es",
"value": "Los dispositivos Intelbras WRN 150 permiten que los atacantes remotos lean el archivo de configuraci\u00f3n y omitan los mecanismos de autenticaci\u00f3n como consecuencia mediante una petici\u00f3n directa a cgi-bin/DownloadCfg/RouterCfm.cfg que contiene una cookie admin:language=pt."
}
],
"id": "CVE-2017-14942",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-30T01:29:02.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"URL Repurposed"
],
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"URL Repurposed"
],
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42916/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-19516 (GCVE-0-2019-19516)
Vulnerability from cvelistv5 – Published: 2019-12-02 22:10 – Updated: 2024-08-05 02:16
VLAI?
Summary
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:48.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T00:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exploit-db.com/exploits/47545",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"name": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19516",
"datePublished": "2019-12-02T22:10:35",
"dateReserved": "2019-12-02T00:00:00",
"dateUpdated": "2024-08-05T02:16:48.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17222 (GCVE-0-2019-17222)
Vulnerability from cvelistv5 – Published: 2019-11-07 15:03 – Updated: 2024-08-05 01:33
VLAI?
Summary
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T15:03:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.youtube.com/watch?v=e3sozdDExTM",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17222",
"datePublished": "2019-11-07T15:03:12",
"dateReserved": "2019-10-06T00:00:00",
"dateUpdated": "2024-08-05T01:33:17.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14942 (GCVE-0-2017-14942)
Vulnerability from cvelistv5 – Published: 2017-09-29 19:00 – Updated: 2024-09-17 02:21
VLAI?
Summary
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:42:22.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42916",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42916",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42916",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"name": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html",
"refsource": "MISC",
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14942",
"datePublished": "2017-09-29T19:00:00Z",
"dateReserved": "2017-09-29T00:00:00Z",
"dateUpdated": "2024-09-17T02:21:22.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19516 (GCVE-0-2019-19516)
Vulnerability from nvd – Published: 2019-12-02 22:10 – Updated: 2024-08-05 02:16
VLAI?
Summary
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:48.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T00:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.exploit-db.com/exploits/47545",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/47545"
},
{
"name": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155557/Intelbras-Router-RF1200-1.1.3-Cross-Site-Request-Forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19516",
"datePublished": "2019-12-02T22:10:35",
"dateReserved": "2019-12-02T00:00:00",
"dateUpdated": "2024-08-05T02:16:48.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17222 (GCVE-0-2019-17222)
Vulnerability from nvd – Published: 2019-11-07 15:03 – Updated: 2024-08-05 01:33
VLAI?
Summary
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T15:03:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.youtube.com/watch?v=e3sozdDExTM",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=e3sozdDExTM"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17222",
"datePublished": "2019-11-07T15:03:12",
"dateReserved": "2019-10-06T00:00:00",
"dateUpdated": "2024-08-05T01:33:17.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14942 (GCVE-0-2017-14942)
Vulnerability from nvd – Published: 2017-09-29 19:00 – Updated: 2024-09-17 02:21
VLAI?
Summary
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:42:22.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42916",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42916",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42916",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42916/"
},
{
"name": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html",
"refsource": "MISC",
"url": "http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14942",
"datePublished": "2017-09-29T19:00:00Z",
"dateReserved": "2017-09-29T00:00:00Z",
"dateUpdated": "2024-09-17T02:21:22.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}