CVE-2024-22773
https://notcve.org/view.php?id=CVE-2024-22773
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login Bypass. Intelbras Roteador ACtion RF 1200 1.2.2 introduce la Contraseña en Cookie, lo que resulta en Omisión de Inicio de Sesión. • https://medium.com/%40wagneralves_87750/poc-cve-2024-22773-febf0d3a5433 https://www.intelbras.com/en/router-wi-fi-5-dual-band-ac-1200-action-rf-1200 https://www.intelbras.com/en/router-wi-fi-5-dual-band-ac-1200-with-giga-port-action-rg-1200 https://www.youtube.com/watch?v=-r0TWJq55DU&t=7s • CWE-922: Insecure Storage of Sensitive Information •
CVE-2019-19517
https://notcve.org/view.php?id=CVE-2019-19517
Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process. Los dispositivos Intelbras RF1200 versión 1.1.3, permiten un ataque de tipo CSRF para omitir el formulario login.html, como es demostrado al iniciar un proceso de scrapy. • https://gist.github.com/CyberSecurityUP/26c5b032897630fe8407da4a8ef216d4 • CWE-352: Cross-Site Request Forgery (CSRF) •