CVE-2020-13886

MEDIUM NUCLEI

Intelbras TIP 200/TIP 200 LITE 60.61.75.15 & TIP 300 65.61.75.22 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2020-13886. PoCs published by Ls4ss. A Nuclei detection template is also available.

AI-analyzed exploit summary This PoC demonstrates a Local File Inclusion (LFI) vulnerability in Intelbras TIP 200/200 LITE & TIP 300 devices. It allows an attacker to read arbitrary files, such as /etc/shadow, by manipulating the 'page' parameter in the URL.

Description

Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal.

Exploits (3)

nomisec WORKING POC 9 stars
by Ls4ss · poc
https://github.com/Ls4ss/CVE-2020-13886

This PoC demonstrates a Local File Inclusion (LFI) vulnerability in Intelbras TIP 200/200 LITE & TIP 300 devices. It allows an attacker to read arbitrary files, such as /etc/shadow, by manipulating the 'page' parameter in the URL.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Intelbras TIP 200 / TIP 200 LITE / TIP 300 (versions 60.61.75.15 / 65.61.75.22)
Auth required
Prerequisites: Network access to the target device · Valid admin credentials (default: admin/admin)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/lucxssouza/cve-2020-13886

The repository contains a functional Python script that exploits a Local File Inclusion (LFI) vulnerability in Intelbras TIP 200/200 LITE and TIP 300 devices. The PoC sends a crafted HTTP request to read arbitrary files, such as /etc/shadow, by manipulating the 'page' parameter in the URL.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Intelbras TIP 200 / TIP 200 LITE / TIP 300 (versions 60.61.75.15, 65.61.75.22)
Auth required
Prerequisites: network access to the target device · valid admin credentials (default: admin/admin)
devstral-2 · analyzed Feb 23, 2026 Full analysis →
inthewild WORKING POC
poc
https://github.com/lsass-exe/cve-2020-13886

The repository contains a functional Python script that exploits a Local File Inclusion (LFI) vulnerability in Intelbras TIP 200/200 LITE/300 devices. The PoC sends a crafted HTTP request to read arbitrary files (e.g., /etc/shadow) via path traversal, demonstrating the vulnerability.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Intelbras TIP 200 / TIP 200 LITE / TIP 300 (versions 60.61.75.15, 65.61.75.22)
Auth required
Prerequisites: network access to the target device · valid admin credentials (default: admin/admin)
devstral-2 · analyzed Feb 23, 2026 Full analysis →

Nuclei Templates (1)

Intelbras TIP 200/200 LITE/300 - Local File Inclusion
HIGHVERIFIEDby ritikchaddha
Shodan: html:"/cgi-bin/cgiServer.exx"
FOFA: body="/cgi-bin/cgiServer.exx"

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=nNKBRx8IglI
Exploit, Third Party Advisory x_refsource_misc
https://github.com/lucxssouza/CVE-2020-13886
Exploit, Third Party Advisory x_refsource_misc
https://lucxs.medium.com/cve-2020-13886-lfi-voip-intelbras-d30f27a39b22

Scores

CVSS v3 5.3
EPSS 0.0181
EPSS Percentile 83.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-22
Status published
Products (3)
intelbras/tip200_firmware 60.61.75.15
intelbras/tip200lite_firmware 60.61.75.15
intelbras/tip300_firmware 65.61.75.22
Published Nov 26, 2020
Tracked Since Feb 18, 2026