Описание
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
Ссылки
- ExploitURL Repurposed
- ExploitThird Party AdvisoryVDB Entry
- ExploitURL Repurposed
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:intelbras:wrn_150_firmware:1.0.1:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:wrn_150:-:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01009
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-552
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
EPSS
Процентиль: 77%
0.01009
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-552