VYPR

IWR 3000N

by Intelbras

CVEs (8)

  • CVE-2019-11416HigApr 22, 2019
    risk 0.61cvss 8.8epss 0.04

    A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.

  • CVE-2019-20004HigJan 5, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.

  • CVE-2019-19995HigDec 26, 2019
    risk 0.57cvss 8.8epss 0.01

    A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.

  • CVE-2019-11414HigApr 22, 2019
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.

  • CVE-2025-55976HigSep 10, 2025
    risk 0.55cvss 8.4epss 0.03

    Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated user on the local network can directly obtain the Wi-Fi network password by querying this endpoint.

  • CVE-2019-11415HigApr 22, 2019
    risk 0.53cvss 7.5epss 0.14

    An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.

  • CVE-2019-19996HigDec 26, 2019
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.

  • CVE-2019-19007HigDec 5, 2019
    risk 0.47cvss 7.2epss 0.02

    Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600.