Intelbras » Wrn 150 Firmware : Security Vulnerabilities, CVEs,
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-12-02
Updated
2019-12-13
An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).
Max CVSS
6.1
EPSS Score
0.09%
Published
2019-11-07
Updated
2019-11-12
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.
Max CVSS
9.8
EPSS Score
2.09%
Published
2017-09-30
Updated
2019-10-03
3 vulnerabilities found