Cross-Site Scripting in Intelbras VoIP Devices
CVE-2020-12262
5.4MEDIUM
What is CVE-2020-12262?
Intelbras VoIP devices, specifically the TIP200, TIP200LITE, and TIP300 models, are susceptible to a Cross-Site Scripting (XSS) vulnerability. This flaw allows an attacker to inject malicious scripts through the vulnerable CGI endpoint /cgi-bin/cgiServer.exx?page=, potentially enabling unauthorized access or manipulation of user data. Users of these devices are strongly advised to implement security measures to minimize the risk of exploitation and ensure the integrity of their communications.