Pedro Aguiar

1 exploit Active since May 2018
CVE-2018-11094 EXPLOITDB CRITICAL python WORKING POC
Intelbras NCLOUD 300 1.0 - Unauthenticated Information Disclosure via ExportSettings.sh
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.
CVSS 9.8