CVE-2019-19007

Published: Dec 5, 2019Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.

Affected (1)

Products: Intelbras: Iwr 3000n Firmware

Intelbras

1 product

Iwr 3000n Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Intelbras Iwr 3000n Firmware	Version 1.8.7

Running on/with	Platform Versions
Intelbras Iwr 3000n	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://medium.com/%40rsantos_14778/1500b407dccc

Source: cve@mitre.org

https://medium.com/%40rsantos_14778/1500b407dccc

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.