CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 1CVE-2023-36144
https://notcve.org/view.php?id=CVE-2023-36144
An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. • https://github.com/leonardobg/CVE-2023-36144 http://intelbras.com • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-43308
https://notcve.org/view.php?id=CVE-2022-43308
INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies. INTELBRAS SG 2404 MR 20180928-rel64938 permite a atacantes autenticados crear arbitrariamente cuentas de administrador a través de cookies de usuario manipuladas. • https://github.com/vitorespf/Advisories/blob/master/Intelbras-switch.txt https://www.intelbras.com/pt-br/switch-gerenciavel-24-portas-poe-gigabit-ethernet-sg-2404-poe • CWE-269: Improper Privilege Management •