Administrative Control Flaw in Intelbras IWR 3000N Router
CVE-2019-11414
8.8HIGH
Summary
A security flaw has been identified in the Intelbras IWR 3000N 1.5.0 devices. When an administrator changes the router's password from a specific client IP address, the router fails to properly revoke administrative access for that IP address. This oversight allows any client operating from the same address to maintain unrestricted control over the router, posing significant security risks. Immediate attention to this issue is necessary to prevent unauthorized access to sensitive administrative functions.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved