Unauthenticated Wi-Fi Password Exposure in Intelbras Router
CVE-2025-55976

8.4HIGH

Key Information:

Vendor: Intelbras
Status: IWR 3000N
Vendor: CVE Published:; 10 September 2025

What is CVE-2025-55976?

The Intelbras IWR 3000N version 1.9.8 is susceptible to a serious security flaw that allows any user within the local network to access the Wi-Fi password in plaintext. This vulnerability is present via the /api/wireless endpoint, which permits unauthenticated queries, thereby exposing sensitive network credentials that, if exploited, could result in unauthorized network access and potential data compromise. Securing this router's configuration is crucial to preventing unauthorized access and ensuring network security.

References

https://www.intelbras.com/pt-br/produto/roteador-wireless...

https://medium.com/@windsormoreira/intelbras-iwr-3000n-un...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2025
Vulnerability Reserved
Aug 16, 2025

JSON