GCVE - cpe:2.3:a:intelbras:incontrol_web:2.21.60.9:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:intelbras:incontrol_web:2.21.60.9:*:*:*:*:*:*:*

part: a version: 2.21.60.9 update: *

Vendor	Intelbras (`2b2fad66-17b2-58cb-a9f2-84cc7e530641`)
Product	Incontrol Web (`99ab048c-6db6-5522-9d67-a933b10252fc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-8515`	vulnerable	2026-06-03 15:13:44.101148	Intelbras InControl JSON Endpoint operador information disclosure LOW (3.1) A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised. Published: 2025-08-04T10:32:05.124Z Updated: 2025-10-29T06:53:04.612Z Open on db.gcve.eu Reference links https://vuldb.com/?id.318641 https://vuldb.com/?ctiid.318641 https://vuldb.com/?submit.579544 https://backend.intelbras.com/sites/default/files/2025-08/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.60%20e%202.21.61%20PT-IN%20.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-6765`	vulnerable	2026-06-03 15:12:28.889163	Intelbras InControl HTTP PUT Request operador permission MEDIUM (6.3) A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-06-27T12:00:15.432Z Updated: 2025-06-27T13:00:14.193Z Open on db.gcve.eu Reference links https://vuldb.com/?id.314075 https://vuldb.com/?ctiid.314075 https://vuldb.com/?submit.599873 https://vuldb.com/?submit.599880	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Incontrol Web

PURL mappings

Vulnerability references

Contribute