cbcvebase.

Intelbras Incontrol Web vulnerabilities

7 known vulnerabilities affecting intelbras/incontrol_web.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2LOW2

Vulnerabilities

Page 1 of 1
CVE-2025-6765P2HIGHCVSS 8.8v2.21.60.92025-06-27
CVE-2025-6765 [HIGH] CWE-266 CVE-2025-6765: A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-9324P3HIGHCVSS 8.8fixed in 2.21.582024-09-29
CVE-2024-9324 [HIGH] CWE-74 CVE-2024-9324: A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affec A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affected by this issue is some unknown functionality of the file /v1/operador/ of the component Relatório de Operadores Page. The manipulation of the argument fields leads to code injection. The attack may be launched remotely. The exploit has been disclosed to
nvd
CVE-2024-9325P3HIGHCVSS 7.8fixed in 2.21.582024-09-29
CVE-2024-9325 [HIGH] CWE-426 CVE-2024-9325: A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This aff A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to versio
nvd
CVE-2025-0784P3MEDIUMCVSS 5.9fixed in 2.21.592025-01-28
CVE-2025-0784 [MEDIUM] CWE-310 CVE-2025-0784: A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. T A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. This vulnerability affects unknown code of the file /v1/usuario/ of the component Registered User Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an attack is rat
nvd
CVE-2025-4286P4MEDIUMCVSS 4.9≤ 2.21.592025-05-05
CVE-2025-4286 [MEDIUM] CWE-255 CVE-2025-4286: A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problemati A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed
nvd
CVE-2025-8515P4LOWCVSS 3.7v2.21.60.92025-08-04
CVE-2025-8515 [LOW] CWE-200 CVE-2025-8515: A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitabil
nvd
CVE-2025-7061P4LOWCVSS 2.7≥ 2.21.60.0, ≤ 2.21.60.92025-07-04
CVE-2025-7061 [LOW] CWE-74 CVE-2025-7061: A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problemati A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disc
nvd
Intelbras Incontrol Web vulnerabilities | cvebase