1 results (0.003 seconds)
CVSS: 10.0EPSS: 7%CPEs: 2EXPL: 2
CVE-2018-11094 – Intelbras NCLOUD 300 1.0 - Authentication bypass
https://notcve.org/view.php?id=CVE-2018-11094
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved. Se ha descubierto un problema en dispositivos Intelbras NCLOUD 300 1.0. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem y /goform/vpnBasicSettings no requieren autenticación. • https://www.exploit-db.com/exploits/44637 https://blog.kos-lab.com/Hello-World • CWE-798: Use of Hard-coded Credentials •