CVE-2021-3017
published 2021-04-14CVE-2021-3017: The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the…
PriorityP271high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
63.02%
99.1th percentile
The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| intelbras | win_300_firmware | <= 2021-01-04 | — |
| intelbras | wrn_342_firmware | <= 2021-01-04 | — |
Detection & IOCsextracted from sources · hover to see the quote
url/index.asp
otherdef_wirelesspassword =
yara
regex: 'def_wirelesspassword = "([A-Za-z0-9=]+)";'
- →Send an unauthenticated HTTP GET request to /index.asp on the target device. A vulnerable Intelbras WIN 300 or WRN 342 device will return HTTP 200 with both 'def_wirelesspassword =' and 'Roteador Wireless' present in the response body, indicating credentials are exposed in the HTML source.
- →Extract the plaintext wireless password from the HTML body using the regex pattern: def_wirelesspassword = "([A-Za-z0-9=]+)"; — credentials are embedded directly in the page source without authentication. ↗
- ·The vulnerability affects Intelbras WIN 300 and WRN 342 devices through firmware dated 2021-01-04 only. Devices on newer firmware may not be vulnerable. ↗
- ·Only a single HTTP request is required (max-request: 1), making this trivially exploitable at scale with no authentication, no special headers, and no prior knowledge of credentials.
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vvf7-v2jp-v5fv: The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirel
ghsa_unreviewed·2022-05-24
CVE-2021-3017 [HIGH] GHSA-vvf7-v2jp-v5fv: The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirel
The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.
Red Hat
kernel: mt76: connac: fix kernel warning adding monitor interface
vendor_redhat·2024-02-28·CVSS 5.5
CVE-2021-47029 [MEDIUM] CWE-20 kernel: mt76: connac: fix kernel warning adding monitor interface
kernel: mt76: connac: fix kernel warning adding monitor interface
In the Linux kernel, the following vulnerability has been resolved:
mt76: connac: fix kernel warning adding monitor interface
Fix the following kernel warning adding a monitor interface in
mt76_connac_mcu_uni_add_dev routine.
[ 507.984882] ------------[ cut here ]------------
[ 507.989515] WARNING: CPU: 1 PID: 3017 at mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.059379] CPU: 1 PID: 3017 Comm: ifconfig Not tainted 5.4.98 #0
[ 508.065461] Hardware name: MT7622_MT7531 RFB (DT)
[ 508.070156] pstate: 80000005 (Nzcv daif -PAN -UAO)
[ 508.074939] pc : mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.081806] lr : mt7921_eeprom_init+0x1288/0x1cb8 [mt7921e]
[ 508.087367] sp : ffffffc013a33930
[ 508.0
No detection rules found.
Nuclei
Intelbras WIN 300/WRN 342 - Credentials Disclosure
nuclei·CVSS 7.5
CVE-2021-3017 [HIGH] Intelbras WIN 300/WRN 342 - Credentials Disclosure
Intelbras WIN 300/WRN 342 - Credentials Disclosure
Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.
Template:
id: CVE-2021-3017
info:
name: Intelbras WIN 300/WRN 342 - Credentials Disclosure
author: pikpikcu
severity: high
description: Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.
impact: |
An attacker can gain unauthorized access to the router's administrative interface and potentially compromise the entire network.
remediation: |
Update the router firmware to the latest version, which includes a fix for the vulnerability.
reference:
- https:
No writeups or analysis indexed.
2021-04-14
Published