CVE-2026-36438

MEDIUM

Intelbras VIP-1230-D-G4 V2.800.00IB00C.0.T - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-36438. PoCs published by kensh1k.

AI-analyzed exploit summary The repository describes an information leakage vulnerability in Intelbras VIP 1230 B/D G4 firmware versions prior to 6, where sensitive administrator account information can be obtained via the password reset functionality in the OutsideCmd file. The README provides a brief technical overview and references an official changelog but lacks exploit code or detailed analysis.

Description

An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd

Exploits (1)

github WRITEUP
by kensh1k · poc
https://github.com/kensh1k/CVE-2026-36438

The repository describes an information leakage vulnerability in Intelbras VIP 1230 B/D G4 firmware versions prior to 6, where sensitive administrator account information can be obtained via the password reset functionality in the OutsideCmd file. The README provides a brief technical overview and references an official changelog but lacks exploit code or detailed analysis.

Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Intelbras VIP 1230 B/D G4 (versions prior to 6)
No auth needed
Prerequisites: access to the password reset functionality
devstral-2 · analyzed May 18, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 5.3
EPSS 0.0005
EPSS Percentile 16.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-640
Status published
Published May 18, 2026
Tracked Since May 18, 2026