CVE-2018-12529

HIGH

Intex N150 - CSRF

Title source: llm

Description

An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.

Exploits (2)

exploitdb WORKING POC

by Samrat Das · textwebappshardware

https://www.exploit-db.com/exploits/44933

View Code ZIP pw:eip

exploitdb WRITEUP

by Samrat Das · textwebappshardware

https://www.exploit-db.com/exploits/44939

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit, Third Party Advisory

https://www.exploit-db.com/exploits/44933/

Exploit, Not Applicable, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44939/

Exploit, Third Party Advisory x_refsource_misc

http://securitywarrior9.blogspot.com/2018/06/cross-site-request-forgery-intex-router.html

Scores

CVSS v3 8.8

EPSS 0.0026

EPSS Percentile 49.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (1)

intex/n150_firmware

Published Jul 02, 2018

Tracked Since Feb 18, 2026