CVE-2025-4996
LOWIntelbras RF 301K 1.1.5 - Cross-Site Scripting via Add Static IP Description Parameter
Title source: llmDescription
A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. This issue affects some unknown processing of the component Add Static IP. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure.
References (3)
Core 3
Core References
Permissions Required, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.309647
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.309647
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.501900
Scores
CVSS v3
2.4
EPSS
0.0026
EPSS Percentile
17.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
CWE-94
Status
published
Products (1)
Intelbras/RF 301K
1.1.5
Published
May 20, 2025
Tracked Since
Feb 18, 2026