CVE-2019-11414

An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
intelbrasiwr_3000n_firmware
1.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://1.337.zone/2019/04/07/intelbras-iwr-3000n-1-5-0-unproper-de-authorization/
http://1.337.zone/2019/04/07/intelbras-iwr-3000n-1-5-0-unproper-de-authorization/