Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:CVE-2018-11094-ID
Severity	Minor
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Intelbras NCloud CVE-2018-11094 Information Disclosure
Release Date	2019/02/10
Update Number	3141
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Intelbras NCloud CVE-2018-11094 Information Disclosure

This signature detects attempts to exploit a known vulnerability against Intelbras NCloud 300 routers. A successful attack can lead to Information Disclosure.

Extended Description

An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.

Affected Products

Intelbras ncloud_300_firmware 1.0

References

CVE: CVE-2018-11094

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Intelbras NCloud CVE-2018-11094 Information Disclosure

Extended Description

Affected Products

References