intenogroup CVE Vulnerabilities & CVE List (5)

Products (CPE): — CVEs: 5

intenogroup vulnerability overview

Aggregates CVE and security vulnerability intelligence across all intenogroup-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk path handling and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 15 of 5 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2019-13140 Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP. [email protected] 6.5 2.04% 2019-09-16 2026-06-16
CVE-2018-14533 read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp. [email protected] 7.8 1.49% 2018-07-31 2026-06-16
CVE-2018-10123 p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100. [email protected] 8.8 10.89% 2018-05-16 2026-06-16
CVE-2017-17867 Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration. [email protected] 8.8 11.07% 2018-01-04 2026-06-16
CVE-2017-11361 Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files, write to files, and add root SSH keys via JSON commands to ubus. (Exploitation is sometimes easy because the "user" password might be "user" or might match the Wi-Fi key.) [email protected] 8.8 1.20% 2017-07-17 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence