CVE-2018-12455

HIGH NUCLEI

Intelbras NPLUG 1.0.0.14 - Auth Bypass

Title source: llm

Description

Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie.

Nuclei Templates (1)

Intelbras NPLUG 1.0.0.14 - Authentication Bypass

CRITICALVERIFIEDby ritikchaddha

Shodan: html:"NPLUG"

FOFA: title="NPLUG"

References (1)

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2018/Oct/18

Scores

CVSS v3 8.1

EPSS 0.1931

EPSS Percentile 95.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (1)

intelbras/nplug_firmware 1.0.0.14

Published Oct 10, 2018

Tracked Since Feb 18, 2026