Primary

Context

Intelbras IWR 3000N Wi-Fi Password Disclosure Vulnerability

Vulnerability

A vulnerability in the Intelbras IWR 3000N router running firmware 1.9.8 allows any unauthenticated user on the local network to access the Wi-Fi password in plaintext through the /api/wireless endpoint. This exposure of sensitive information could lead to unauthorized access to the wireless network.

Impact

Exploitation of this vulnerability allows any user on the local network to obtain the Wi-Fi password, leading to unauthorized access to the wireless network and potential man-in-the-middle attacks.

Reproduction

To reproduce this vulnerability, connect to the local network of the Intelbras IWR 3000N router. Then, send an unauthenticated HTTP GET request to the /api/wireless endpoint. The Wi-Fi password can be found in the JSON response under the 'key' or 'key1' field.

Added: Sep 10, 2025, 6:19 PM

Updated: Sep 10, 2025, 7:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.5

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.5

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Intelbras IWR 3000N Wi-Fi Password Disclosure Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Intelbras IWR 3000N

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating