Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-19516 | 1 Intelbras | 2 Wrn 150, Wrn 150 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password. | |||||
CVE-2019-17222 | 1 Intelbras | 2 Wrn 150, Wrn 150 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration). | |||||
CVE-2017-14942 | 1 Intelbras | 2 Wrn 150, Wrn 150 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie. |