This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Intelbras | First view | 2017-09-29 |
| Product | Wrn 150 Firmware | Last view | 2019-12-02 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.5 | 2019-12-02 | CVE-2019-19516 | Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password. |
| 6.1 | 2019-11-07 | CVE-2019-17222 | An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration). |
| 9.8 | 2017-09-29 | CVE-2017-14942 | Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-552 | Files or Directories Accessible to External Parties |
| 33% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 33% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
