CVE-2025-4286
Last modified
CVE-2025-4286 is a medium-severity vulnerability rated 5.1/10 on the CVSS scale. A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. EPSS estimates a 0.43% chance of exploitation in the next 30 days.
Description
A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. According to the vendor this issue should be fixed in a later release.
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intelbras | Incontrol Web | <= 2.21.59 |
References
- https://vuldb.com/?ctiid.307392Permissions Required, VDB Entry
- https://vuldb.com/?id.307392Third Party Advisory, VDB Entry
- https://vuldb.com/?submit.483834Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-4286?
How severe is CVE-2025-4286?
How do I fix CVE-2025-4286?
Are you affected by CVE-2025-4286?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST