| |
Vulnerability CVE-2018-12455
Published: 2018-10-10
Description: |
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie. |
See advisories in our WLB2 database:
|
Topic |
Author |
Date |
Med. |
| Patrick Costa | 11.10.2018 |
Type:
CWE-287 (Improper Authentication)
CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
9.3/10 |
10/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
http://seclists.org/fulldisclosure/2018/Oct/18
|
|
Related CVE |
|
Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast. |
CVE-2018-12456 |
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote ... |
CVE-2018-10369 |
A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login. |
CVE-2018-11094 |
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/E... |
CVE-2018-9010 |
Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin... |
CVE-2017-14942 |
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie. |
CVE-2017-14219 |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. |
|
|
|
closedb();
?>
Copyright 2019, cxsecurity.com
|
|
|