CVE-2020-12262

MEDIUM NUCLEI

Intelbras TIP200, TIP200LITE, and TIP300 Firmware - Cross-Site Scripting via cgiServer.exx Page Parameter

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2020-12262 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS.

Nuclei Templates (1)

Intelbras TIP200/TIP200LITE/TIP300 - Cross-Site Scripting
MEDIUMby ritikchaddha
Shodan: title:"Intelbras"
FOFA: title="Intelbras"

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=rihboOgiJRs
Exploit, Third Party Advisory x_refsource_misc
https://blog.skullsec.com.br/CVE-2020-12262/
Exploit, Third Party Advisory x_refsource_misc
https://lucxs.medium.com/cve-2020-12262-xss-voip-intelbras-d5697e31fbf6

Scores

CVSS v3 5.4
EPSS 0.0151
EPSS Percentile 71.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (3)
intelbras/tip200_firmware 65.61.75.15
intelbras/tip200lite_firmware 60.61.75.15
intelbras/tip300_firmware 60.61.75.15
Published Nov 27, 2020
Tracked Since Feb 18, 2026