CVE-2018-11094

Posted on by admin

CVE-2018-11094

An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.

Source: CVE-2018-11094

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다