CVE-2018-12455

Name: CVE-2018-12455
Creator: NVD / NIST
Published: 2018-10-10T21:29:01.163+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.00%

Last modified Jun 17, 2026

CVE-2018-12455 is a vulnerability of currently unknown severity. Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie.. EPSS estimates a 5.00% chance of exploitation in the next 30 days.

Description

Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie.

Metrics

EPSS Probability

5.00%

91.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-287

Affected Software

Vendor	Product	Versions
Intelbras	Nplug Firmware	1.0.0.14

References

http://seclists.org/fulldisclosure/2018/Oct/18Exploit, Mailing List, Third Party Advisory
http://seclists.org/fulldisclosure/2018/Oct/18Exploit, Mailing List, Third Party Advisory

Timeline

Published: Oct 10, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-12455?

Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie.

How severe is CVE-2018-12455?

Severity scoring for CVE-2018-12455 is pending analysis. The EPSS model estimates a 5.00% probability of exploitation in the next 30 days.

How do I fix CVE-2018-12455?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-12455?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST