CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-26064

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.0%

CVSS Severity

CVSS v3 Score 7.3

References

https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html
https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html
https://seclists.org/fulldisclosure/2025/Jul/14
http://seclists.org/fulldisclosure/2025/Jul/14
http://seclists.org/fulldisclosure/2025/Jul/26

Products affected by CVE-2025-26064

Intelbras » Rx 1500 » Version: N/A

cpe:2.3:h:intelbras:rx_1500:-
Intelbras » Rx 3000 » Version: N/A

cpe:2.3:h:intelbras:rx_3000:-
Intelbras » Rx 1500 Firmware » Version: 2.2.9

cpe:2.3:o:intelbras:rx_1500_firmware:2.2.9
Intelbras » Rx 3000 Firmware » Version: 1.0.11

cpe:2.3:o:intelbras:rx_3000_firmware:1.0.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-26064

Products

Pricing

Contact Us