CVE-2023-36144 — AI Deep Analysis Summary

🚨 **Essence**: Authentication Bypass in Intelbras SG 2404 MR. <br>💥 **Consequences**: Unauthenticated attackers can download backup files containing **critical config info** and **hashed passwords**.…

🛡️ **Root Cause**: Lack of Access Control on specific endpoints. <br>🔍 **Flaw**: The endpoint `/cgi-bin/exportCfgwithpasswd` does not require login.…

📦 **Affected Product**: Intelbras SG 2404 MR (L2+ Switch). <br>📉 **Version**: Firmware **1.00.54**. <br>🌍 **Vendor**: Intelbras (Brazil). Check your network gear if you use this model!

🕵️ **Attacker Actions**: <br>1. Download full device backup. <br>2. Extract **user credentials** (hashed passwords). <br>3. Reveal **network topology** & config details. <br>🔓 **Privilege**: None needed!…

⚡ **Threshold**: **EXTREMELY LOW**. <br>🔑 **Auth**: None. <br>🌐 **Access**: Just need network reachability to the device IP. <br>🎯 **Ease**: One simple HTTP GET request. No complex setup.

💻 **Public Exploit**: **YES**. <br>🔗 **PoC**: Available on GitHub (leonardobg/CVE-2023-36144). <br>🤖 **Scanner**: Nuclei templates exist. <br>⚠️ **Risk**: Wild exploitation is highly likely due to simplicity.

🔍 **Self-Check Method**: <br>1. Target: `http://<DEVICE_IP>/cgi-bin/exportCfgwithpasswd` <br>2. Action: Send GET request. <br>3. Result: If a `.tar`/`.zip` file downloads automatically → **VULNERABLE**!…

🩹 **Official Fix**: Check Intelbras support for firmware updates > 1.00.54. <br>📢 **Status**: CVE published June 2023. Vendor likely aware. <br>⏳ **Action**: Contact vendor immediately for a patched version.

🚧 **No Patch? Workaround**: <br>1. **Block Access**: Firewall rules to deny external access to `/cgi-bin/` endpoints. <br>2. **Isolate**: Move switch to a restricted VLAN. <br>3.…

🔥 **Urgency**: **HIGH**. <br>📉 **CVSS**: Likely High (due to Confidentiality impact & No Auth). <br>🚀 **Priority**: Patch immediately or apply strict network segmentation. Don't leave your config exposed!