Intelbras TIP 200/200 LITE/300 - Local File Inclusion
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 are vulnerable to local file inclusion via the 'page' parameter in /cgi-bin/cgiServer.exx, allowing unauthenticated attackers to read arbitrary files such as /etc/passwd.
References:
- https://lucxs.medium.com/cve-2020-13886-lfi-voip-intelbras-d30f27a39b22
- https://nvd.nist.gov/vuln/detail/CVE-2020-13886
Remediation:
Update the device firmware to the latest version provided by Intelbras.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
11 days 23 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox