CVE-2024-6080

A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks.
Configurations

Configuration 1 (hide)

cpe:2.3:o:intelbras:incontrol:2.21.56:*:*:*:*:*:*:*

History

04 Nov 2024, 19:15

Type Values Removed Values Added
References
  • () https://backend.intelbras.com/sites/default/files/2024-10/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.56%20e%202.21.57.pdf -
  • () https://download.cronos.intelbras.com.br/download/INCONTROL/INCONTROL-WEB/prod/INCONTROL-WEB-2.21.58-233dfd1ac1e2ca3eabb71c854005c78b.exe -
CWE CWE-426
Summary (en) A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-268822 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks. (en) A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks.

20 Sep 2024, 00:27

Type Values Removed Values Added
First Time Intelbras
Intelbras incontrol
CPE cpe:2.3:o:intelbras:incontrol:2.21.56:*:*:*:*:*:*:*
References () https://vuldb.com/?ctiid.268822 - () https://vuldb.com/?ctiid.268822 - Permissions Required
References () https://vuldb.com/?id.268822 - () https://vuldb.com/?id.268822 - Third Party Advisory
References () https://vuldb.com/?submit.353502 - () https://vuldb.com/?submit.353502 - Third Party Advisory

06 Aug 2024, 07:15

Type Values Removed Values Added
Summary (en) A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-268822 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks. (en) A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-268822 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks.

20 Jun 2024, 20:15

Type Values Removed Values Added
Summary (en) A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-268822 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. (en) A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-268822 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks.

20 Jun 2024, 12:44

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad fue encontrada en Intelbras InControl 2.21.56 y clasificada como crítica. Esta vulnerabilidad afecta a código desconocido. La manipulación conduce a una ruta de búsqueda sin comillas. Se requiere acceso local para abordar este ataque. El exploit ha sido divulgado al público y puede utilizarse. VDB-268822 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera.

17 Jun 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-17 23:15

Updated : 2024-11-04 19:15


NVD link : CVE-2024-6080

Mitre link : CVE-2024-6080

CVE.ORG link : CVE-2024-6080


JSON object : View

Products Affected

intelbras

  • incontrol
CWE
CWE-426

Untrusted Search Path

CWE-428

Unquoted Search Path or Element