CVE-2026-12211
LOW Exploitation: PoC
2.7
CVSS 3.1
Description
A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the file /RPC2_Loadfile/syslog/ of the component Web Interface. Executing a manipulation can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Metadata
Severity & Metrics
2.7
LOW CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Intelbras | iNVU 7016 FT | — | 3.004.00IB000.0.T Build 2025-09-26 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-22 | cna | Path Traversal |
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.1 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P |
| 3.3 | N/D | 2.0 | cna | AV:N/AC:L/Au:M/C:P/I:N/A:N/E:POC/RL:OF/RC:C |
| 2.7 | LOW | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
| 2.7 | LOW | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
References (6)
- VDB-370853 | Intelbras iNVU 7016 FT Web syslog path traversal https://vuldb.com/vuln/370853
- VDB-370853 | CTI Indicators (IOB, IOC, TTP, IOA) https://vuldb.com/vuln/370853/cti
- CVE-2026-12211 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-12211
- Submit #832544 | Intelbras iNVU 7016 FT 3.004.00IB000.0.T (Build 2025-09-26) Path Traversal https://vuldb.com/submit/832544
- https://coaglio.com/writeups/lfi-intelbras-invu.html
- http://api-cronos.intelbras.com.br/download/INVU/INVU7016FT/prod/INVU7016FT-2026.05.29-712953bf2bb2af7e72d0577ad5ef6455.260527.BIN