Sensitive Information Exposure in INTELBRAS TELEFONE IP TIP200
CVE-2020-24285

7.5HIGH

Key Information:

Vendor: Intelbras
Status: Tip200 Firmware
Vendor: CVE Published:; 12 April 2021

What is CVE-2020-24285?

The INTELBRAS TELEFONE IP TIP200, specifically version 60.61.75.22, contains a vulnerability that allows attackers to access sensitive information via the /cgi-bin/cgiServer.exx endpoint. This flaw may lead to unauthorized disclosure of critical data, posing significant risks to users and organizations relying on this communication device. Proper security measures and updates are essential to mitigate such vulnerabilities and ensure data protection.

References

http://intelbras.com

x_refsource_MISC

https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip2...

x_refsource_MISC

EPSS Score

13% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 12, 2021
Vulnerability Reserved
Aug 13, 2020

Intelbras

What is CVE-2020-24285?

References

EPSS Score

CVSS V3.1

Timeline