How severe is CVE-2025-4286?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 2.7 out of 10.

What type of vulnerability is CVE-2025-4286?

This is classified as CWE-255, which is a common weakness in software security.

CVE-2025-4286 - MEDIUM Severity | CVSS 2.7

Vulnerability Description

A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. According to the vendor this issue should be fixed in a later release.

Related Vulnerabilities

CVE-2025-2555

LOW

CVSS:2.9(Low)

A vulnerability classified as problematic has been found in Audi Universal Traffic Recorder App 2.0. Affected is an unknown function of the component FTP Credentials. The manipulation leads to use of ...

CWE-2552025

CVE-2016-4527

LOW

CVSS:3.3(Low)

ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.

CWE-2552016

CVE-2016-4670

LOW

CVSS:3.3(Low)

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths...

CWE-2552016

CVE-2016-9348

LOW

CVSS:3.3(Low)

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort...

CWE-2552016

CVE-2025-2355

MEDIUM

CVSS:3.3(Low)

A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of...

CWE-2552025

CVE-2016-1356

LOW

CVSS:3.7(Low)

Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying credentials, which makes it easier for remote attackers to enumerate valid usernames by measuring timing diff...

CWE-2552016