Information Disclosure Vulnerability in Intelbras InControl Product
CVE-2025-8515

2.3LOW

Key Information:

Vendor

Intelbras

Status
Incontrol
Vendor
CVE Published:
4 August 2025

What is CVE-2025-8515?

A vulnerability has been identified in the Intelbras InControl system version 2.21.60.9, specifically within the JSON Endpoint processing of the file /v1/operador/. This flaw allows for potential information disclosure which can be exploited remotely. While the attack complexity is notably high, means for exploitation have been publicly revealed. Users are strongly advised to update their systems to mitigate risks associated with this vulnerability.

Affected Version(s)

InControl 2.21.60.9

References

https://vuldb.com/?id.318641
vdb-entrytechnical-description
https://vuldb.com/?ctiid.318641
signaturepermissions-required
https://vuldb.com/?submit.579544
third-party-advisory

CVSS V4

Score:
2.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

lorenzomoulin (VulDB User)
JSON
.