Intelbras UnniTI Unprotected Storage of Credentials Vulnerability
Vulnerability
Intelbras UnniTI version 24.07.11 stores credentials without protection. The issue lies in an unknown function of the file '/xml/sistema/usuarios.xml': manipulating the 'Usuario/Senha' argument leads to administrative usernames and passwords being stored in cleartext. The vulnerability can be exploited remotely without authentication, enabling full device takeover.
Impact
Exploitation of this vulnerability allows for unauthorized access to administrative credentials, which can be used to gain full control over the affected device.
Reproduction
The vulnerability can be reproduced by sending a request to the '/xml/sistema/usuarios.xml' file. The 'Usuario/Senha' argument should be manipulated to trigger the unprotected storage of credentials. This can be done remotely without any authentication.
Remediation
Implement restrictive firewalling so that unauthorized hosts cannot reach the vulnerable file.
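One way to check that the firewalling holds is to review web access logs for requests to the file from outside the management network. The script below is an added example, not part of the original advisory or of any Intelbras tooling. It assumes the device is reached through a proxy or gateway that writes Common Log Format lines; the management network, function names and sample log lines are constructed for illustration.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# Path named in the advisory; everything else below is an assumption for the example.
SENSITIVE_PATH = "/xml/sistema/usuarios.xml"
# Hypothetical management network allowed to reach the device's web interface.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Common Log Format: client ident user [time] "METHOD target PROTO" status size
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def normalise(target):
    """Drop query/fragment, decode percent-escapes, collapse //, ./ and ../ segments."""
    path = unquote(re.split(r"[?#]", target, maxsplit=1)[0]).replace("\\", "/")
    return posixpath.normpath("/" + path.lstrip("/")).lower()

def is_managed(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # hostname or junk in the client field: treat as untrusted
    return any(addr in net for net in MGMT_NETS)

def find_exposures(lines):
    """Return (timestamp, source, status) for requests to the file from outside MGMT_NETS."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m or normalise(m["target"]) != SENSITIVE_PATH:
            continue
        if not is_managed(m["src"]):
            hits.append((m["ts"], m["src"], int(m["status"])))
    return hits

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '10.20.0.15 - - [01/Jan/2025:10:00:00 +0000] "GET /xml/sistema/usuarios.xml HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2025:10:05:00 +0000] "GET /xml/sistema/usuarios.xml HTTP/1.1" 200 512',
    '198.51.100.9 - - [01/Jan/2025:10:06:00 +0000] "GET /xml//sistema/usuarios.xml?x=1 HTTP/1.1" 403 0',
    '203.0.113.7 - - [01/Jan/2025:10:07:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for ts, src, status in find_exposures(SAMPLE):
        print(ts, src, status)
```

A hit with status 200 means the file was served to a host outside the management network, so the credentials stored on that device should be treated as exposed and changed.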
