Intelbras WRN 150 1.0.17 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Intelbras WRN 150 1.0.17 suffers from improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://www.youtube.com/watch?v=e3sozdDExTM


Details

An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration).

 

Vulnerable Systems:

 Intelbras WRN 150 1.0.17 

 

CVE Information:

CVE-2019-17222

 

Disclosure Timeline:
Published Date:11/7/2019