CVE-2019-11415 - An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remot

CVE-2019-11415

Summary

An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.

References

Vulnerable Configurations

cpe:2.3:o:intelbras:iwr_3000n_firmware:1.5.0:*:*:*:*:*:*:*
cpe:2.3:o:intelbras:iwr_3000n_firmware:1.5.0:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:iwr_3000n:-:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

exploit-db	46768
misc	http://packetstormsecurity.com/files/152680/Intelbras-IWR-3000N-Denial-Of-Service.html https://1.337.zone/2019/04/08/intelbras-iwr-3000n-any-version-dos-on-malformed-login-request/

Last major update

24-08-2020 - 17:37

Published

22-04-2019 - 11:29

Last modified

24-08-2020 - 17:37