← Back

Intenogroup

intenogroup

5 CVEs • 6 products

Products (6)

Click to collapse
Toggle
Iopsys Firmware
iopsys_firmware
2 CVEs
Inteno Router Firmware
inteno_router_firmware
1 CVE
Iopsys
iopsys
1 CVE
Eg200 Firmware
eg200_firmware
1 CVE
Inteno Router
inteno_router
0 CVEs
Eg200
eg200
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-13140
1Intenogroup
1Eg200 Firmware
Nov 21, 2024
Sep 16, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisionin...Show more
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP.Show less
CVE-2018-14533
1Intenogroup
1Iopsys Firmware
Nov 21, 2024
Jul 31, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp.
CVE-2018-10123
1Intenogroup
1Iopsys Firmware
Nov 21, 2024
May 16, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100.
CVE-2017-17867
1Intenogroup
1Iopsys
Nov 21, 2024
Jan 4, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by...Show more
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration.Show less
CVE-2017-11361
1Intenogroup
1Inteno Router Firmware
May 13, 2026
Jul 17, 2017
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus. (Exploitation is sometimes easy because the "user" password m...Show more
Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus. (Exploitation is sometimes easy because the "user" password might be "user" or might match the Wi-Fi key.)Show less