- Description
- Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.0
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-352
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intelbras:nplug_firmware:1.0.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F57C7CE2-0811-440F-84A8-7A3988CB7942"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intelbras:nplug:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "31AF436F-BAAA-4656-89C7-E63A62C1A7A0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]