Intelbras TIP200/TIP200LITE/TIP300 - Cross-Site Scripting

Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 are vulnerable to reflected cross-site scripting (XSS) via the page parameter in /cgi-bin/cgiServer.exx, allowing attackers to execute arbitrary JavaScript in the context of the user.

References:

https://lucxs.medium.com/cve-2020-12262-xss-voip-intelbras-d5697e31fbf6
https://www.youtube.com/watch?v=rihboOgiJRs
https://nvd.nist.gov/vuln/detail/CVE-2020-12262

Remediation:
Update the device firmware to the latest version provided by Intelbras.

Short Info

Level

Medium

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

13 days 6 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

Get started to protecting your digital assets

Start trial See the plans

Intelbras TIP200/TIP200LITE/TIP300 - Cross-Site Scripting

Short Info

-

Detail

Solution Advice

Category