CVE-2025-26062 in RX 1500info

Summary

by MITRE • 07/31/2025

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 08/04/2025

The vulnerability identified as CVE-2025-26062 represents a critical access control flaw affecting Intelbras RX1500 version 2.2.9 and RX3000 version 1.0.11 network routers. This issue stems from insufficient authentication mechanisms that permit unauthorized individuals to directly access sensitive configuration files without proper credentials. The flaw exists within the web interface implementation of these devices, where specific endpoints are exposed without adequate authorization checks, creating a pathway for malicious actors to extract valuable system information. Such vulnerabilities typically arise from improper input validation and weak session management within the device's firmware architecture, allowing attackers to bypass standard security controls through direct URL manipulation or API endpoint access.

The technical exploitation of this vulnerability involves unauthenticated access to configuration files that contain sensitive operational data including network settings, user credentials, and system parameters. Attackers can leverage this weakness to obtain administrative access credentials, network topology information, and other confidential data that could facilitate further exploitation or lateral movement within the network. The impact extends beyond simple information disclosure as the extracted configuration data may reveal network architecture details that enable more sophisticated attacks such as man-in-the-middle operations or targeted social engineering campaigns. This type of vulnerability commonly maps to CWE-284 which addresses improper access control, and aligns with ATT&CK technique T1212 which involves exploitation of software vulnerabilities for privilege escalation.

Organizations utilizing affected Intelbras devices face significant operational risks including potential network compromise, data exfiltration, and unauthorized access to connected systems. The vulnerability creates a persistent threat vector that remains active until the firmware is updated, potentially allowing attackers to maintain long-term access to network infrastructure. Network administrators should immediately assess their device inventory to identify affected units and implement temporary network segmentation measures while awaiting official patches. The lack of authentication requirements for critical configuration data violates fundamental security principles and represents a failure in the device's security design, potentially exposing organizations to regulatory compliance violations and increased liability exposure. Mitigation strategies include immediate firmware updates from Intelbras, network monitoring for suspicious access patterns, and implementation of additional access controls through network firewalls or intrusion detection systems to limit exposure to this vulnerability.

Disclosure

07/31/2025

Moderation

accepted

CPE

ready

EPSS

0.01043

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!