Intelbras Router RF 301K Authentication Bypass Vulnerability Allowing Unauthenticated Access to Configuration Files

An authentication bypass vulnerability has been identified in the Intelbras Router RF 301K, specifically in firmware version 1.1.2. This vulnerability allows unauthenticated attackers to download sensitive router configuration files. Exploitation involves sending a specific HTTP GET request to the '/cgi-bin/DownloadCfg/RouterCfm.cfg' endpoint, bypassing authentication requirements.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive router configuration files, which may contain information that could be used to compromise the router or the network it is connected to.

Reproduction

To reproduce this vulnerability, send an HTTP GET request to the '/cgi-bin/DownloadCfg/RouterCfm.cfg' endpoint on a device running Intelbras Router RF 301K firmware version 1.1.2. This can be done using a tool like netcat or through a Python script that automates the request. The response should include the router's configuration file, indicating successful exploitation.