CVE-2025-8515

CVE Database · CVE-2025-8515

CVE-2025-8515

· LOWModified

CVSS v3.1

3.1

CVSS v4.0

1.3

EPSS

0.25%

Published

Aug 4, 2025

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A weakness has been identified in Intelbras InControl 2.21.60.9. This vulnerability affects unknown code of the file /v1/operador/ of the component JSON Endpoint. Executing manipulation can lead to information disclosure. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-200CWE-284

Affected Products (1)

intelbras · incontrol_webvulnerable

References (4)

https://backend.intelbras.com/sites/default/files/2025-08/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.60%20e%202.21.61%20PT-IN%20.pdf

https://vuldb.com/?ctiid.318641

Permissions RequiredVDB Entry

https://vuldb.com/?id.318641

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.579544

Third Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs