CVE-2020-36963

HIGH

Intelbras Router RF 301K <1.1.2 - Auth Bypass

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-36963. PoCs published by Kaio Amaral.

AI-analyzed exploit summary: This exploit bypasses authentication on Intelbras Router RF 301K by sending a crafted HTTP GET request to download the router's configuration file. The PoC retrieves sensitive configuration data without authentication.

Description

Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. Attackers can send a specific HTTP GET request to /cgi-bin/DownloadCfg/RouterCfm.cfg to retrieve sensitive router configuration without authentication.

Exploits (1)

exploitdb WORKING POC
by Kaio Amaral · python · webapps · hardware
https://www.exploit-db.com/exploits/49126

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Intelbras Router RF 301K firmware version 1.1.2
No auth needed
Prerequisites: Network access to the target router · Router running vulnerable firmware version
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/49126
Various Sources product
https://www.intelbras.com/pt-br/

Scores

CVSS v3 7.5
EPSS 0.0036
EPSS Percentile 28.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-306
Status published
Products (1)
Intelbras/Intelbras Router RF 301K firmware version 1.1.2
Published Jan 28, 2026
Tracked Since Feb 18, 2026