← Back

Intelbras

intelbras

50 CVEs • 48 products

Products (48)

Click to collapse
Toggle
Iwr 3000n Firmware
iwr_3000n_firmware
8 CVEs
Rx 1500 Firmware
rx_1500_firmware
7 CVEs
Incontrol Web
incontrol_web
7 CVEs
Tip200 Firmware
tip200_firmware
4 CVEs
Tip200lite Firmware
tip200lite_firmware
4 CVEs
Rx 3000 Firmware
rx_3000_firmware
4 CVEs
Wrn 150 Firmware
wrn_150_firmware
3 CVEs
Nplug Firmware
nplug_firmware
3 CVEs
Wrn 240 Firmware
wrn_240_firmware
2 CVEs
Action Rf 1200 Firmware
action_rf_1200_firmware
2 CVEs
Tip300 Firmware
tip300_firmware
2 CVEs
Rf 301k Firmware
rf_301k_firmware
2 CVEs
Sg 2404 Mr Firmware
sg_2404_mr_firmware
2 CVEs
Icip 30 Firmware
icip_30_firmware
1 CVE
Ncloud 300 Firmware
ncloud_300_firmware
1 CVE
Win 240 Firmware
win_240_firmware
1 CVE
Iwr 1000n Firmware
iwr_1000n_firmware
1 CVE
Cip 92200 Firmware
cip_92200_firmware
1 CVE
Win 300 Firmware
win_300_firmware
1 CVE
Wrn 342 Firmware
wrn_342_firmware
1 CVE
Ata 200 Firmware
ata_200_firmware
1 CVE
Sg 2404 Poe Firmware
sg_2404_poe_firmware
1 CVE
Wifiber 120ac Inmesh Firmware
wifiber_120ac_inmesh_firmware
1 CVE
Incontrol
incontrol
1 CVE
Tip 635g Firmware
tip_635g_firmware
1 CVE
Icip 30
icip_30
0 CVEs
Wrn 240
wrn_240
0 CVEs
Wrn 150
wrn_150
0 CVEs
Tip200
tip200
0 CVEs
Tip200lite
tip200lite
0 CVEs
Ncloud 300
ncloud_300
0 CVEs
Win 240
win_240
0 CVEs
Nplug
nplug
0 CVEs
Iwr 3000n
iwr_3000n
0 CVEs
Iwr 1000n
iwr_1000n
0 CVEs
Action Rf 1200
action_rf_1200
0 CVEs
Cip 92200
cip_92200
0 CVEs
Tip300
tip300
0 CVEs
Win 300
win_300
0 CVEs
Wrn 342
wrn_342
0 CVEs
Rf 301k
rf_301k
0 CVEs
Ata 200
ata_200
0 CVEs
Sg 2404 Poe
sg_2404_poe
0 CVEs
Sg 2404 Mr
sg_2404_mr
0 CVEs
Wifiber 120ac Inmesh
wifiber_120ac_inmesh
0 CVEs
Rx 1500
rx_1500
0 CVEs
Rx 3000
rx_3000
0 CVEs
Tip 635g
tip_635g
0 CVEs

CVEs (50)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-3101
1Intelbras
1Tip 635g Firmware
Apr 29, 2026
Feb 24, 2026
2.1 LOW· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The...Show more
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-13187
1Intelbras
1Icip 30 Firmware
Feb 4, 2026
Nov 14, 2025
5.5 MEDIUM· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprote...Show more
A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.Show less
CVE-2025-55976
1Intelbras
1Iwr 3000n Firmware
Oct 17, 2025
Sep 10, 2025
N/A· v4
8.4 HIGH· v3
N/A· v2
Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated user on the local network can directly obtain the Wi-Fi network password by querying this endpoint.
CVE-2025-26065
1Intelbras
2Rx 1500 Firmware
Rx 3000 Firmware
Nov 3, 2025
Aug 4, 2025
N/A· v4
7.3 HIGH· v3
N/A· v2
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network...Show more
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.Show less
CVE-2025-8515
1Intelbras
1Incontrol Web
Apr 29, 2026
Aug 4, 2025
1.3 LOW· v4
3.7 LOW· v3
2.1 LOW· v2
A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure...Show more
A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised.Show less
CVE-2025-26064
1Intelbras
2Rx 1500 Firmware
Rx 3000 Firmware
Nov 3, 2025
Jul 31, 2025
N/A· v4
7.3 HIGH· v3
N/A· v2
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
CVE-2025-26063
1Intelbras
2Rx 1500 Firmware
Rx 3000 Firmware
Nov 3, 2025
Jul 31, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.
CVE-2025-26062
1Intelbras
2Rx 1500 Firmware
Rx 3000 Firmware
Nov 3, 2025
Jul 31, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings.
CVE-2025-7061
1Intelbras
1Incontrol Web
Apr 29, 2026
Jul 4, 2025
2.0 LOW· v4
2.7 LOW· v3
3.3 LOW· v2
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attac...Show more
A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-50405
1Intelbras
1Rx 1500 Firmware
Aug 20, 2025
Jul 1, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function.
CVE-2025-50404
1Intelbras
1Rx 1500 Firmware
Aug 20, 2025
Jul 1, 2025
N/A· v4
5.3 MEDIUM· v3
N/A· v2
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the http header, causing the array to cross th...Show more
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the http header, causing the array to cross the boundary and overwrite other fields in the array.Show less
CVE-2025-6765
1Intelbras
1Incontrol Web
Apr 29, 2026
Jun 27, 2025
2.1 LOW· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The mani...Show more
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-4286
1Intelbras
1Incontrol Web
Aug 20, 2025
May 5, 2025
5.1 MEDIUM· v4
4.9 MEDIUM· v3
3.3 LOW· v2
A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de...Show more
A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. According to the vendor this issue should be fixed in a later release.Show less
CVE-2025-0784
1Intelbras
1Incontrol Web
Aug 20, 2025
Jan 28, 2025
6.3 MEDIUM· v4
5.9 MEDIUM· v3
2.6 LOW· v2
A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. This vulnerability affects unknown code of the file /v1/usuario/ of the component Registered User Handler. The manipulati...Show more
A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. This vulnerability affects unknown code of the file /v1/usuario/ of the component Registered User Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.59 is able to address this issue. It is recommended to upgrade the affected component.Show less
CVE-2024-9325
1Intelbras
1Incontrol Web
Nov 4, 2024
Sep 29, 2024
8.5 HIGH· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-w...Show more
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.Show less
CVE-2024-9324
1Intelbras
1Incontrol Web
Nov 4, 2024
Sep 29, 2024
5.3 MEDIUM· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affected by this issue is some unknown functionality of the file /v1/operador/ of the component Relatório de Operadores Page....Show more
A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affected by this issue is some unknown functionality of the file /v1/operador/ of the component Relatório de Operadores Page. The manipulation of the argument fields leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-07-19 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.Show less
CVE-2024-6080
1Intelbras
1Incontrol
Nov 21, 2024
Jun 17, 2024
8.5 HIGH· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local acc...Show more
A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks.Show less
CVE-2024-22773
1Intelbras
1Action Rf 1200 Firmware
Jun 5, 2025
Feb 6, 2024
N/A· v4
8.1 HIGH· v3
N/A· v2
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login Bypass.
CVE-2023-6103
1Intelbras
1Rx 1500 Firmware
Nov 21, 2024
Nov 13, 2023
N/A· v4
5.4 MEDIUM· v3
3.3 LOW· v2
A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation l...Show more
A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-245065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-36144
1Intelbras
1Sg 2404 Mr Firmware
Nov 21, 2024
Jun 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration.