CVE-2019-20004
HIGHIntelbras IWR 3000N 1.8.7 - Weak Password Recovery Mechanism
Title source: llmDescription
An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://medium.com/%40rsantos_14778/remote-control-cve-2019-20004-21f77e976715
Vendor Advisory x_refsource_misc
http://en.intelbras.com.br/downloads
Scores
CVSS v3
8.8
EPSS
0.0117
EPSS Percentile
63.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-640
Status
published
Products (1)
intelbras/iwr_3000n_firmware
1.8.7
Published
Jan 05, 2020
Tracked Since
Feb 18, 2026