CSRF Vulnerability in Intelbras IWR 3000N Routers
CVE-2019-19995

8.8HIGH

Key Information:

Vendor: Intelbras
Status: Iwr 3000n Firmware
Vendor: CVE Published:; 26 December 2019

What is CVE-2019-19995?

A Cross-Site Request Forgery (CSRF) vulnerability was identified in Intelbras IWR 3000N devices, enabling unauthorized actions due to inadequate validation of requests. This flaw allows an attacker to exploit the vulnerable router, gaining complete control over its settings and potentially compromising the entire network. Victims can be misled into initiating malicious requests without their knowledge, posing significant risks to network security.

References

https://medium.com/%40rsantos_14778/csrf-cve-2019-19995-9...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2019
Vulnerability Reserved
Dec 26, 2019