RX1500
by Intelbras
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26065 | 0.00 | — | 0.00 | Aug 4, 2025 | A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network. | |||
| CVE-2025-26063 | 0.00 | — | 0.02 | Jul 31, 2025 | An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network. | |||
| CVE-2025-26062 | 0.00 | — | 0.01 | Jul 31, 2025 | An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings. | |||
| CVE-2025-26064 | 0.00 | — | 0.00 | Jul 31, 2025 | A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device. | |||
| CVE-2025-50405 | 0.00 | — | 0.00 | Jul 1, 2025 | Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function. | |||
| CVE-2025-50404 | 0.00 | — | 0.00 | Jul 1, 2025 | Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the http header, causing the array to cross the boundary and overwrite other fields in the array. |
- CVE-2025-26065Aug 4, 2025risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.
- CVE-2025-26063Jul 31, 2025risk 0.00cvss —epss 0.02
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.
- CVE-2025-26062Jul 31, 2025risk 0.00cvss —epss 0.01
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings.
- CVE-2025-26064Jul 31, 2025risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
- CVE-2025-50405Jul 1, 2025risk 0.00cvss —epss 0.00
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function.
- CVE-2025-50404Jul 1, 2025risk 0.00cvss —epss 0.00
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the http header, causing the array to cross the boundary and overwrite other fields in the array.