CVE-2025-4286: Intelbras InControl Dispositivos Edição Page credentials storage
First published: Mon May 05 2025(Updated: )
A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. According to the vendor this issue should be fixed in a later release.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intelbras InControl | <=2.21.59 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4286?
CVE-2025-4286 is classified as a problematic vulnerability.
How do I fix CVE-2025-4286?
To fix CVE-2025-4286, update Intelbras InControl to version 2.21.60 or later.
What type of credentials are affected by CVE-2025-4286?
CVE-2025-4286 affects the unprotected storage of communication credentials.
Which component is vulnerable in CVE-2025-4286?
The vulnerable component in CVE-2025-4286 is the Dispositivos Edição Page.
What is the impact of exploiting CVE-2025-4286?
Exploiting CVE-2025-4286 could allow unauthorized access to sensitive credentials.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/last-modified-date
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/intelbras
- canonical/intelbras incontrol