Intelbras Rx 1500 Firmware vulnerabilities
7 known vulnerabilities affecting intelbras/rx_1500_firmware.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2025-26063P2CRITICALCVSS 9.8v2.2.92025-07-31
CVE-2025-26063 [CRITICAL] CWE-77 CVE-2025-26063: An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute a
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.
nvd
CVE-2025-26062P3CRITICALCVSS 9.8v2.2.92025-07-31
CVE-2025-26062 [CRITICAL] CWE-284 CVE-2025-26062: An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attacke
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings.
nvd
CVE-2025-26064P3HIGHCVSS 7.3v2.2.92025-07-31
CVE-2025-26064 [HIGH] CWE-79 CVE-2025-26064: A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows atta
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
nvd
CVE-2025-26065P3HIGHCVSS 7.3v2.2.92025-08-04
CVE-2025-26065 [HIGH] CWE-79 CVE-2025-26065: A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows atta
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.
nvd
CVE-2025-50404P3MEDIUMCVSS 5.3≤ 2.2.172025-07-01
CVE-2025-50404 [MEDIUM] CWE-190 CVE-2025-50404: Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent func
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the http header, causing the array to cross the boundary and overwrite other fields in the array.
nvd
CVE-2025-50405P3MEDIUMCVSS 6.5≤ 2.2.172025-07-01
CVE-2025-50405 [MEDIUM] CWE-284 CVE-2025-50405: Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the Firmware
Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function.
nvd
CVE-2023-6103P4MEDIUMCVSS 5.4v1.1.92023-11-13
CVE-2023-6103 [MEDIUM] CWE-79 CVE-2023-6103: A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by
A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The i
nvd