Filtered by vendor Intelbras
Subscriptions
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-32403 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2024-11-21 | 8.8 High |
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules. | ||||
CVE-2021-32402 | 1 Intelbras | 2 Rf 301k, Rf 301k Firmware | 2024-11-21 | 8.8 High |
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules. | ||||
CVE-2020-8829 | 1 Intelbras | 2 Cip 92200, Cip 92200 Firmware | 2024-11-21 | 8.8 High |
CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis. | ||||
CVE-2020-24285 | 1 Intelbras | 4 Tip200, Tip200 Firmware, Tip200lite and 1 more | 2024-11-21 | 7.5 High |
INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx. | ||||
CVE-2020-13886 | 1 Intelbras | 6 Tip200, Tip200 Firmware, Tip200lite and 3 more | 2024-11-21 | 5.3 Medium |
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal. | ||||
CVE-2020-12262 | 1 Intelbras | 6 Tip200, Tip200 Firmware, Tip200lite and 3 more | 2024-11-21 | 5.4 Medium |
Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS. | ||||
CVE-2019-20004 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | 8.8 High |
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router. | ||||
CVE-2019-19996 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | 7.5 High |
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login. | ||||
CVE-2019-19995 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | 8.8 High |
A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user. | ||||
CVE-2019-19517 | 1 Intelbras | 2 Action Rf 1200, Action Rf 1200 Firmware | 2024-11-21 | 8.8 High |
Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process. | ||||
CVE-2019-19516 | 1 Intelbras | 2 Wrn 150, Wrn 150 Firmware | 2024-11-21 | 6.5 Medium |
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password. | ||||
CVE-2019-19142 | 1 Intelbras | 2 Wrn 240, Wrn 240 Firmware | 2024-11-21 | 7.5 High |
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI. | ||||
CVE-2019-19007 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | 7.2 High |
Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600. | ||||
CVE-2019-17600 | 1 Intelbras | 2 Iwr 1000n, Iwr 1000n Firmware | 2024-11-21 | 9.8 Critical |
Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled. | ||||
CVE-2019-17222 | 1 Intelbras | 2 Wrn 150, Wrn 150 Firmware | 2024-11-21 | 6.1 Medium |
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration). | ||||
CVE-2019-11416 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | N/A |
A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user. | ||||
CVE-2019-11415 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | N/A |
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login. | ||||
CVE-2019-11414 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2024-11-21 | N/A |
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router. | ||||
CVE-2018-9010 | 1 Intelbras | 4 Tip200, Tip200 Firmware, Tip200lite and 1 more | 2024-11-21 | 7.2 High |
Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password. | ||||
CVE-2018-17337 | 1 Intelbras | 2 Nplug, Nplug Firmware | 2024-11-21 | N/A |
Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast. |