CVE-2025-13187

Medium CVSS: 5.5

A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Vendor

Intelbras

Product

Icip 30 Firmware

CWE

CWE-255

Yayın Tarihi

2025-11-14 22:15:45

Güncelleme

2026-02-04 20:46:57

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-255 Icip 30 Firmware MEDIUM Intelbras 2025

Referanslar

https://vuldb.com/?ctiid.332475 https://vuldb.com/?id.332475 https://vuldb.com/?submit.685522 https://www.notion.so/eldruin/Intelbras-ICIP-Plaintext-Admin-Credentials-Disclosure-29b27474cccb80ff943ff2776d03d7cd https://www.notion.so/eldruin/Intelbras-ICIP-Plaintext-Admin-Credentials-Disclosure-CVE-2025-13187-29b27474cccb80ff943ff2776d03d7cd

Benzer Kayıtlar

Medium

CVE-2026-3101

A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping…

High

CVE-2025-55976

Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated us…

High

CVE-2025-26065

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arb…

Low

CVE-2025-8515

A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1…

Critical

CVE-2025-26062

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the rou…

Critical

CVE-2025-26063

An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via in…