Authentication Bypass in Intelbras NPLUG Wireless Repeater
CVE-2018-12455

8.1HIGH

Key Information:

Vendor: Intelbras
Status: Nplug Firmware
Vendor: CVE Published:; 10 October 2018

What is CVE-2018-12455?

The Intelbras NPLUG 1.0.0.14 wireless repeater has a serious issue that allows unauthorized access to its web interface. An attacker can exploit this vulnerability by simply using 'admin:' as the cookie name during the authentication process, effectively bypassing security measures. This flaw exposes sensitive functionalities to potential threats, warranting immediate attention and remediation.

References

http://seclists.org/fulldisclosure/2018/Oct/18

mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2018
Vulnerability Reserved
Jun 15, 2018