Shodan
Vulnerabilities
Vulnerable Software
Intelbras:  Security Vulnerabilities
CVE-2022-40005
Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by authenticated users, as demonstrated by the /boaform/formPing6 and /boaform/formTracert URIs for ping and traceroute.
CVSS Score
8.8
EPSS Score
0.034
Published
2022-12-25
CVE-2022-43308
INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-11-18
CVE-2022-24654
Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload.
CVSS Score
5.4
EPSS Score
0.023
Published
2022-08-15
CVE-2021-32402
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-05-17
CVE-2021-32403
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-05-17
CVE-2021-3017
The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.
CVSS Score
7.5
EPSS Score
0.804
Published
2021-04-14
CVE-2020-24285
INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.
CVSS Score
7.5
EPSS Score
0.131
Published
2021-04-12
CVE-2020-12262
Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS.
CVSS Score
5.4
EPSS Score
0.011
Published
2020-11-27
CVE-2020-13886
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal.
CVSS Score
5.3
EPSS Score
0.018
Published
2020-11-26
CVE-2019-19517
Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-05-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved