Summary
Detail | |||
---|---|---|---|
Vendor | Intelbras | First view | 2019-04-22 |
Product | Iwr 3000n Firmware | Last view | 2019-04-22 |
Version | 1.5.0 | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:intelbras:iwr_3000n_firmware |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.8 | 2019-04-22 | CVE-2019-11416 | A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user. |
7.5 | 2019-04-22 | CVE-2019-11415 | An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login. |
8.8 | 2019-04-22 | CVE-2019-11414 | An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-640 | Weak Password Recovery Mechanism for Forgotten Password |
50% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |