CVE-2025-0784— Intelbras InControl Registered User usuario cleartext transmission
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-0784
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Intelbras InControl Registered User usuario cleartext transmission
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. This vulnerability affects unknown code of the file /v1/usuario/ of the component Registered User Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.59 is able to address this issue. It is recommended to upgrade the affected component.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感数据的明文传输
Source: NVD (National Vulnerability Database)
Vulnerability Title
Intelbras InControl 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Intelbras InControl是Intelbras公司的一款访问控制管理软件,它允许用户轻松管理任何使用访问控制设备的入口和出口流量。 Intelbras InControl 2.21.58及之前版本存在安全漏洞,该漏洞源于组件Registered User Handler容易导致敏感信息明文传输。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-0784
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-0784
请登录查看更多情报信息。
- CVE-2025-0784 Intelbras InControl Registered User usuario cleartext transmissionsignaturepermissions-required
- https://nvd.nist.gov/vuln/detail/CVE-2025-0784
IV. Related Vulnerabilities
Same product: InControl
- CVE-2025-8515
Intelbras InControl JSON Endpoint operador information discl - CVE-2025-7061
Intelbras InControl operador csv injection - CVE-2025-6765
Intelbras InControl HTTP PUT Request operador permission - CVE-2025-4286
Intelbras InControl Dispositivos Edição Page credentials sto - CVE-2024-9325
Intelbras InControl incontrol-service-watchdog.exe unquoted
Same vendor: Intelbras
- CVE-2019-25472
IntelBras Telefone IP TIP200/200 LITE Arbitrary File Read vi - CVE-2026-3101
Intelbras TIP 635G Ping os command injection - CVE-2026-2564
Intelbras VIP 3260 Z IA OutsideCmd password recovery - CVE-2020-36963
Intelbras Router RF 301K 1.1.2 - Authentication Bypass - CVE-2025-13221
Intelbras UnniTI usuarios.xml credentials storage
Same weakness: CWE-319
- CVE-2026-45180
Catalyst::Plugin::Statsd versions through 0.10.0 for Perl ma - CVE-2026-45179
Plack::Middleware::Statsd versions before 0.9.0 for Perl may - CVE-2025-59852
HCL DFXAnalytics is affected by an Insufficient Transport - CVE-2026-7610
TRENDnet TEW-821DAP Firmware Update ssi cleartext transmissi - CVE-2026-42514
Sensitive Data Exposure Vulnerability in e-Sushrut HMIS
V. Comments for CVE-2025-0784
No comments yet