CVE-2019-19007

HIGH

Intelbras IWR 3000N <1.8.7 - Info Disclosure

Title source: llm
STIX 2.1

Description

Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.

References (1)

Core 1
Core References
Various Sources x_refsource_misc
https://medium.com/%40rsantos_14778/1500b407dccc

Scores

CVSS v3 7.2
EPSS 0.0163
EPSS Percentile 73.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (1)
intelbras/iwr_3000n_firmware 1.8.7
Published Dec 05, 2019
Tracked Since Feb 18, 2026