CVE Catalog

CVE-2026-12211

LowCVSS 2.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile — higher than 29% of all known CVEs

Summary

A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26, allowing path traversal via manipulation of the /RPC2_Loadfile/syslog/ file in the web interface. The attack can be launched remotely.

Risk Assessment

This vulnerability may lead to unauthorized access to the file system, posing a serious threat to the organization's data security.

Recommendation

It is recommended to upgrade the affected component as soon as possible to mitigate this vulnerability.

Original NVD description (English source)

A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the file /RPC2_Loadfile/syslog/ of the component Web Interface. Executing a manipulation can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS