Vulnerabilities > CVE-2025-4286

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

CWE-256

NVD

Published: 2025-05-05

Updated: 2025-05-05

Summary

A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. According to the vendor this issue should be fixed in a later release.

Common Weakness Enumeration (CWE)

CWE-256 - Unprotected Storage of Credentials

References

https://eldruin.notion.site/Intelbras-InControl-v2-21-57-Storing-password-in-insecure-format-17d27474cccb8003b647ea832186b162?pvs=4
https://vuldb.com/?ctiid.307392
https://vuldb.com/?id.307392
https://vuldb.com/?submit.483834

Vulnerabilities > CVE-2025-4286 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-4286"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2025-4286