CVE-2025-55976HIGH 8.4EPSS p85.4%

CVE-2025-55976CVE-2025-55976

Description

Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated user on the local network can directly obtain the Wi-Fi network password by querying this endpoint.

Scoring

CVSS 3.18.4 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS2.96% probability of exploitation · percentile 85.4% · 2026-06-19T12:03:05Z
Published2025-09-10
Last modified2025-10-17

Underlying weaknesses· 2

CWE-200CWE-319

References

  1. https://medium.com/@windsormoreira/intelbras-iwr-3000n-unauthenticated-wi-fi-password-disclosure-cve-2025-55976-7cdac7770413
  2. https://www.intelbras.com/pt-br/produto/roteador-wireless-n-300mbps-iwr-3000n

2

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-2000%live
WeaknessCleartext Transmission of Sensitive Informationcwe-3190%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-26062
CVE
CVE-2025-26063
CVE
CVE-2026-35075
CVE
NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability
CVE
CVE-2025-63362
CVE
CVE-2025-45492
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.