CVE-2025-8515

Low CVSS: 2.3

A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised.

Vendor

Intelbras

Product

Incontrol Web

CWE

CWE-200

Yayın Tarihi

2025-08-04 11:15:27

Güncelleme

2025-10-29 07:15:37

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-200 Incontrol Web LOW Intelbras 2025

Referanslar

https://backend.intelbras.com/sites/default/files/2025-08/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.60%20e%202.21.61%20PT-IN%20.pdf https://vuldb.com/?ctiid.318641 https://vuldb.com/?id.318641 https://vuldb.com/?submit.579544

Benzer Kayıtlar

Medium

CVE-2026-3101

A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping…

Medium

CVE-2025-13187

A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/si…

High

CVE-2025-55976

Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated us…

High

CVE-2025-26065

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arb…

Critical

CVE-2025-26062

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the rou…

Critical

CVE-2025-26063

An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via in…