VYPR
Vendor

Intelbras

Products
39
CVEs
62
Across products
69
Status
Private

Products

39
View all 39 products →

Recent CVEs

62
View all 62 CVEs →
  • CVE-2018-11094CriMay 15, 2018
    risk 0.70cvss 9.8epss 0.36

    An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the…

  • CVE-2017-14942CriSep 30, 2017
    risk 0.69cvss 9.8epss 0.61

    Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.

  • CVE-2018-10369CriAug 15, 2018
    risk 0.64cvss 9.8epss 0.02

    A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login.

  • CVE-2026-2564HigFeb 16, 2026
    risk 0.53cvss 8.1epss 0.00

    A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this vulnerability is an unknown functionality of the file /OutsideCmd. The manipulation results in weak password recovery. It is possible to launch the attack remotely. Attacks of this…

  • CVE-2025-67070HigJan 9, 2026
    risk 0.53cvss 8.2epss 0.00

    A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unauthenticated attacker to bypass the multi-factor authentication (MFA) mechanism during the password recovery process. This results in the ability to change the admin password and…

  • CVE-2018-9010HigMar 25, 2018
    risk 0.51cvss 7.2epss 0.10

    Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default…

  • CVE-2020-36963HigJan 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. Attackers can send a specific HTTP GET request to /cgi-bin/DownloadCfg/RouterCfm.cfg to retrieve…

  • CVE-2017-14219MedSep 7, 2017
    risk 0.43cvss 6.1epss 0.01

    XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. The attack vector is a crafted…

  • CVE-2026-3101MedFeb 24, 2026
    risk 0.41cvss 6.3epss 0.03

    A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor…

  • CVE-2025-6765MedJun 27, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be…

  • CVE-2026-36438MedMay 18, 2026
    risk 0.34cvss 5.3epss 0.00

    An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd

  • CVE-2025-13221MedNov 15, 2025
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed…

  • CVE-2024-12896MedDec 22, 2024
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222 and classified as problematic. Affected by this issue is some unknown functionality of the file /web_caps/webCapsConfig of the component Web Interface. The…

  • CVE-2024-3160MedApr 2, 2024
    risk 0.34cvss 5.3epss 0.01

    ** DISPUTED ** A vulnerability, which was classified as problematic, was found in Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008 and HDCVI 1016 up to 20240401. This affects an unknown part of the file /cap.js of the component HTTP GET Request Handler. The…

  • CVE-2024-12897MedDec 23, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222. It has been classified as critical. This affects an unknown part of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path…

  • CVE-2025-8515LowAug 4, 2025
    risk 0.20cvss 3.1epss 0.00

    A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high…

  • CVE-2026-12211LowJun 15, 2026
    risk 0.18cvss 2.7epss 0.00

    A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the file /RPC2_Loadfile/syslog/ of the component Web Interface. Executing a manipulation can lead to path traversal. The attack can be launched remotely. The…

  • CVE-2025-7061LowJul 4, 2025
    risk 0.18cvss 2.7epss 0.00

    A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed…

  • CVE-2025-4996LowMay 20, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. This issue affects some unknown processing of the component Add Static IP. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated…

  • CVE-2025-3157LowApr 3, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in Intelbras WRN 150 1.0.15_pt_ITB01. It has been rated as problematic. This issue affects some unknown processing of the component Wireless Menu. The manipulation of the argument SSID leads to cross site scripting. The attack may be initiated remotely.…