CVE-2025-6765: Permission Issues in Intelbras InControl
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Request Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-6765 is a medium-severity vulnerability identified in Intelbras InControl version 2.21.60.9, specifically within the HTTP PUT Request Handler component that processes requests to the /v1/operador/ endpoint. The vulnerability arises from improper permission handling while these HTTP PUT requests are processed, which can lead to unauthorized permission changes or privilege escalation. The flaw can be exploited over the network without user interaction; the CVSS vector (AV:N/AC:L/AT:N/PR:L/UI:N) records low privileges required (PR:L), so a low-privileged account on the system is sufficient. The vulnerability impacts the confidentiality, integrity, and availability of the system to a limited extent (VC:L/VI:L/VA:L). Although the CVSS score is 5.3 (medium), exploitation is relatively straightforward because attack complexity is low and no user interaction is needed. The vendor, Intelbras, has not responded to early disclosure attempts, and no patches or mitigations have been publicly released. No exploitation in the wild is currently observed, but public disclosure of the exploit code increases the risk of future attacks. The vulnerability could allow attackers to manipulate permissions remotely, potentially enabling unauthorized access to or control over the affected InControl system, which is typically used for device management or network control in enterprise or industrial environments.
Potential Impact
For European organizations using Intelbras InControl 2.21.60.9, this vulnerability poses a tangible risk of unauthorized access or privilege escalation within their network management infrastructure. Exploitation could lead to unauthorized configuration changes, data exposure, or disruption of services managed by InControl. Given that InControl is often deployed in critical infrastructure or enterprise environments, successful exploitation could compromise operational integrity and data confidentiality. The lack of vendor response and absence of patches heightens the risk, as organizations may remain exposed for extended periods. Additionally, the remote and unauthenticated nature of the exploit increases the attack surface, especially for organizations with externally accessible management interfaces. This could facilitate lateral movement or serve as a foothold for further attacks within corporate or industrial networks. The medium severity rating suggests moderate impact, but the criticality of the managed systems could amplify real-world consequences.
Mitigation Recommendations
European organizations should immediately audit their Intelbras InControl deployments to identify affected versions (2.21.60.9). Until an official patch is available, organizations should restrict network access to the InControl management interface, ideally isolating it within internal networks and blocking external access via firewalls or VPNs. Implement strict network segmentation to limit potential lateral movement from compromised devices. Monitor network traffic for unusual HTTP PUT requests targeting /v1/operador/ endpoints and deploy intrusion detection/prevention systems with custom signatures to detect exploitation attempts. Employ strong authentication and access controls on management interfaces, even if the vulnerability does not require authentication, to reduce overall risk. Regularly review logs for unauthorized permission changes or anomalous activities. Engage with Intelbras support channels to demand timely patch releases and stay updated on vendor advisories. Consider deploying compensating controls such as application-layer gateways or web application firewalls to filter malicious requests targeting the vulnerable endpoint.
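As an added example (not from the advisory and not Intelbras code), the log review suggested above applied to constructed access-log lines: it flags HTTP PUT requests to /v1/operador/ and marks those originating outside an assumed internal management subnet, which is where a restricted management interface should be reachable from.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample lines in combined log format; not real InControl logs.
SAMPLE_LOG = """\
10.0.5.21 - admin [27/Jun/2025:12:19:56 +0000] "PUT /v1/operador/17 HTTP/1.1" 200 143 "-" "Mozilla/5.0"
203.0.113.44 - - [27/Jun/2025:12:20:03 +0000] "PUT /v1/operador/3 HTTP/1.1" 200 143 "-" "python-requests/2.32"
10.0.5.30 - - [27/Jun/2025:12:20:10 +0000] "GET /v1/operador/ HTTP/1.1" 200 2201 "-" "Mozilla/5.0"
198.51.100.9 - - [27/Jun/2025:12:20:15 +0000] "PUT /v1/operador/ HTTP/1.1" 403 0 "-" "curl/8.5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumed internal management subnet; adjust to the real deployment.
MANAGEMENT_NETS = [ipaddress.ip_network("10.0.5.0/24")]


@dataclass
class Finding:
    ip: str
    user: str
    path: str
    status: int
    external: bool  # True when the client is outside every allowed subnet


def scan_access_log(text, allowed_nets=MANAGEMENT_NETS):
    """Return one Finding per PUT request to the /v1/operador/ endpoint."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        if m["method"] != "PUT" or not m["path"].startswith("/v1/operador/"):
            continue
        ip = ipaddress.ip_address(m["ip"])
        external = not any(ip in net for net in allowed_nets)
        findings.append(Finding(m["ip"], m["user"], m["path"], int(m["status"]), external))
    return findings


def is_high_priority(finding):
    """An accepted (2xx) PUT from outside the management subnet warrants immediate review."""
    return finding.external and 200 <= finding.status < 300
```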
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Netherlands, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-06-27T05:48:40.764Z
- CVSS Version: 4.0
- State: PUBLISHED
Added to database: 6/27/2025, 12:19:56 PM
Last enriched: 6/27/2025, 12:31:46 PM
Last updated: 8/18/2025, 11:25:16 AM