4 matches found
CVE-2020-13886
Intelbras TIP 200/200 LITE/300 are affected by a Local File Inclusion vulnerability in /cgi-bin/cgiServer.exx via the page parameter (e.g., page=..%). Unauthenticated attackers can read arbitrary files (notably /etc/passwd), potentially leading to device compromise. Affected models and firmware s...
CVE-2020-24285
CVE-2020-24285 affects INTELBRAS Telefone IP TIP200 (60.61.75.22). Nuclei concrete detail: information disclosure via Local File Inclusion through /cgi-bin/export_settings.sh, allowing unauthenticated access to sensitive device information and configuration data (potentially including credentials...
CVE-2020-12262
Intelbras TIP200 (60.61.75.15), TIP200LITE (60.61.75.15) and TIP300 (65.61.75.15) are vulnerable to reflected XSS via the page parameter of /cgi-bin/cgiServer.exx. The underlying issue is a failure to sanitize input in that endpoint, allowing arbitrary JavaScript execution in the user’s browser. ...
CVE-2018-9010
Intelbras TELEFONE IP TIP200/200 LITE (firmware 60.0.75.29) is affected by an absolute path traversal via the /cgi-bin/cgiServer.exx parameter, allowing remote authenticated admins to read arbitrary files. Some entries note possible authentication via a default admin password. No remediation deta...