GCVE - cpe:2.3:o:intelbras:rx_1500_firmware:2.2.9:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:intelbras:rx_1500_firmware:2.2.9:*:*:*:*:*:*:*

part: o version: 2.2.9 update: *

Vendor	Intelbras (`2b2fad66-17b2-58cb-a9f2-84cc7e530641`)
Product	Rx 1500 Firmware (`56d4847d-f704-5f4a-b7a9-d357a888f11b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-26065`	vulnerable	2026-06-03 14:59:58.736060	Details available A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network. Published: 2025-08-04T00:00:00.000Z Updated: 2025-11-03T19:45:20.059Z Open on db.gcve.eu Reference links https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html https://seclists.org/fulldisclosure/2025/Jul/26	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-26064`	vulnerable	2026-06-03 14:59:58.735459	Details available A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device. Published: 2025-07-31T00:00:00.000Z Updated: 2025-11-03T19:45:18.531Z Open on db.gcve.eu Reference links https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html https://seclists.org/fulldisclosure/2025/Jul/14	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-26063`	vulnerable	2026-06-03 14:59:58.734777	Details available An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network. Published: 2025-07-31T00:00:00.000Z Updated: 2025-11-03T19:45:15.195Z Open on db.gcve.eu Reference links https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html https://seclists.org/fulldisclosure/2025/Jul/14	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-26062`	vulnerable	2026-06-03 14:59:58.730374	Details available An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings. Published: 2025-07-31T00:00:00.000Z Updated: 2025-11-03T19:45:12.355Z Open on db.gcve.eu Reference links https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html https://seclists.org/fulldisclosure/2025/Jul/14	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.