Intelbras UnniTI usuarios.xml credentials storage_CVE-2025-13221

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.

Basic Information

ID CVE-2025-13221

Source VulDB

Published Nov 15, 2025 at 19:32

Affected Product

Vendor Intelbras

Product UnniTI

Version 24.07.11

Affected Versions Intelbras UnniTI 24.07.11

CWE Classification

CWE-256 CWE-255

References

{
    "lastseen": "",
    "description": "A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.",
    "published": "2025-11-15T19:32:05.663Z",
    "modified": "2025-11-15T19:32:05.663Z",
    "type": "cve",
    "title": "Intelbras UnniTI usuarios.xml credentials storage",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.332537\nhttps://vuldb.com/?ctiid.332537\nhttps://vuldb.com/?submit.685825\nhttps://www.notion.so/eldruin/Intelbras-UnniTI-Plaintext-Admin-Credentials-Disclosure-29c27474cccb8008b2d7ea60affdf86e?source=copy_link",
    "id": "CVE-2025-13221",
    "bulletinFamily": "",
    "cwe": [
        "CWE-256",
        "CWE-255"
    ],
    "cvelist": null,
    "sourceData": "Intelbras UnniTI 24.07.11",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "UnniTI",
    "version": "24.07.11",
    "vendor": "Intelbras",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}