CVE-2025-8515

Опубликовано: 04 авг. 2025

Источник: nvd

CVSS3: 3.1

CVSS3: 3.7

CVSS2: 2.1

EPSS Низкий

Описание

A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised.

Ссылки

https://backend.intelbras.com/sites/default/files/2025-08/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.60%20e%202.21.61%20PT-IN%20.pdf
https://vuldb.com/?ctiid.318641
Permissions Required
VDB Entry
https://vuldb.com/?id.318641
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.579544
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:intelbras:incontrol_web:2.21.60.9:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00029

Низкий

3.1 Low

CVSS3

3.7 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

NVD-CWE-noinfo

Связанные уязвимости

GHSA-c9qv-g34c-5xgf

CVSS3: 3.1

github

6 месяцев назад

A vulnerability was found in Intelbras InControl 2.21.60.9 and classified as problematic. This issue affects some unknown processing of the file /v1/operador/ of the component JSON Endpoint. The manipulation leads to information disclosure. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.

EPSS

Процентиль: 8%

0.00029

Низкий

3.1 Low

CVSS3

3.7 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

NVD-CWE-noinfo