CVE-2017-14942 Scanner
CVE-2017-14942 Scanner - Authentication Bypass vulnerability in Intelbras WRN 150
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
18 days 20 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
Intelbras WRN 150 is a router commonly used in residential and small office environments to provide internet connectivity. It is designed for ease of use and typically employed by non-technical users. The product is manufactured by Intelbras, a company known for telecommunications equipment. It includes various features meant to cater to basic internet routing needs while also aiming to provide security features. The router is often found in settings where cost-effective solutions are required. It is widely recognized in regions that prioritize accessible network solutions.
The vulnerability in question is an authentication bypass issue. By manipulating a cookie, an attacker can bypass authentication controls. This kind of vulnerability is particularly concerning because it allows unauthorized access to sensitive information. The authentication bypass involves manipulation of language preferences set in cookies. Such vulnerabilities pose significant risk as they undermine one of the fundamental security controls of the device. Detection and mitigation are critical to ensure network integrity.
Technical details of this vulnerability involve cookie manipulation, specifically the 'admin:language' cookie. The manipulation allows unauthorized retrieval of the router's configuration file. The vulnerability is exploited by crafting a specific GET request. Key elements, such as cookies, play a central role in the successful bypass of authentication. Successful exploitation is marked by obtaining sensitive configuration data, often identifiable through certain keywords in the file. The severity of this vulnerability lies in its ability to compromise network settings without proper authentication.
Exploitation of this vulnerability can lead to unauthorized network access. Attackers may modify configurations, leading to potential network outages or interception of data traffic. Sensitive information stored in configuration files could also be harvested, compromising the security posture of the network. In severe cases, it could allow further infiltration into connected devices. The risk extends to the privacy of network users, highlighting the need for effective countermeasures. Regular monitoring for unauthorized access is advised to protect the network.
REFERENCES
