Vul Router model win 300 , wrn 342 - router model win 300 , wrn 342

1. The web interface on Intelbras WIN 300 and WRN 342 devices
2. allows remote attackers to discover credentials by reading the
3. def_wirelesspassword line in the HTML source code.
4.  
5. ------------------------------------------
6.  
7. [VulnerabilityType Other]
8. misconfiguration vulnerability
9.  
10. ------------------------------------------
11.  
12. [Vendor of Product]
13. intelbras
14.  
15. ------------------------------------------
16.  
17. [Affected Product Code Base]
18. router model win 300 , wrn 342 - router model win 300 , wrn 342
19.  
20. ------------------------------------------
21.  
22. [Affected Component]
23. i looking dork in shodan found router model win 300 , wrn 342 ,without authentication, it is possible to see username and password
24.  
25. ------------------------------------------
26.  
27. [Attack Type]
28. Remote
29.  
30. ------------------------------------------
31.  
32. [Impact Escalation of Privileges]
33. true
34.  
35. ------------------------------------------
36.  
37. [Impact Information Disclosure]
38. true
39.  
40. ------------------------------------------
41.  
42. [Attack Vectors]
43. Dork shodan
44. html:"def_wirelesspassword" country:"BR"
45.  
46. ------------------------------------------
47.  
48. [Discoverer]
49. Cleiton Alves
50. twitter @akaclandestine
51.  
52. ------------------------------------------
53.  
54. [Reference]
55. https://www.intelbras.com/pt-br/ajuda-download/faq/roteador-wireless-veloz-wrn-342