2 results (0.004 seconds)

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 1

An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. • https://github.com/leonardobg/CVE-2023-36144 http://intelbras.com • CWE-862: Missing Authorization •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies. INTELBRAS SG 2404 MR 20180928-rel64938 permite a atacantes autenticados crear arbitrariamente cuentas de administrador a través de cookies de usuario manipuladas. • https://github.com/vitorespf/Advisories/blob/master/Intelbras-switch.txt https://www.intelbras.com/pt-br/switch-gerenciavel-24-portas-poe-gigabit-ethernet-sg-2404-poe • CWE-269: Improper Privilege Management •