CVE-2026-12211

Vulnerability

A path traversal vulnerability exists in the Intelbras iNVU 7016 FT firmware version 3.004.00IB000.0.T (Build 2025-09-26) within the Web Interface component. The flaw is located in the file /RPC2_Loadfile/syslog/ and affects the execution log download functionality under "Advanced Maintenance > Execution Logs" in the admin panel [1]. The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) [1].

Exploitation

An attacker must have valid administrative credentials to access the execution log download feature. By manipulating the file path parameter in the request to /RPC2_Loadfile/syslog/, the attacker can traverse directories and read arbitrary files on the system. The attack can be launched remotely over the network [1]. No user interaction beyond authentication is required.

Impact

Successful exploitation allows an attacker to read any file on the device with root privileges, leading to full disclosure of sensitive information such as configuration files, credentials, and recorded video data. The confidentiality impact is high, while integrity and availability are not affected [1]. The CVSS v3.1 score reported in the reference is 7.7 (High) [1], though the CVE entry lists a lower score of 2.7.

Mitigation

The vendor, Intelbras, was contacted and quickly released a fixed version of the affected product. Users should upgrade to the latest firmware version to remediate the vulnerability [1]. No workarounds are documented; restricting access to the admin interface can reduce exposure but does not eliminate the risk.