Stored XSS Vulnerability in Intelbras WRN 150 Router
CVE-2019-17222

6.1MEDIUM

Key Information:

Vendor: Intelbras
Status: Wrn 150 Firmware
Vendor: CVE Published:; 7 November 2019

Summary

A stored XSS vulnerability exists in the service name configuration of Intelbras WRN 150 routers, specifically in version 1.0.17. This weakness allows an attacker to inject malicious scripts, potentially leading to unauthorized access or manipulation of the device's configuration settings. An exploitation of this flaw can also result in denial of service, preventing legitimate users from modifying their router settings.

References

https://www.youtube.com/watch?v=e3sozdDExTM

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 7, 2019
Vulnerability Reserved
Oct 6, 2019