CVE-2025-6765

CVE Database · CVE-2025-6765

CVE-2025-6765

· MEDIUMAnalyzed

CVSS v3.1

6.3

CVSS v4.0

2.1

EPSS

0.36%

Published

Jun 27, 2025

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Weaknesses (CWE)

CWE-266CWE-275CWE-639

Affected Products (1)

intelbras · incontrol_webvulnerable

References (6)

https://vuldb.com/?ctiid.314075

Permissions RequiredVDB Entry

https://vuldb.com/?id.314075

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.599873