CVE-2025-26064

Description

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.

Reserved 2025-02-07 | Published 2025-07-31 | Updated 2025-07-31 | Assigner mitre

References

manuais.intelbras.com.br/...al-linha-rx/ChangeLogRX1500.html

manuais.intelbras.com.br/...al-linha-rx/ChangeLogRX3000.html

seclists.org/fulldisclosure/2025/Jul/14

cve.org (CVE-2025-26064)

nvd.nist.gov (CVE-2025-26064)

Download JSON