CVE-2026-2564
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2Description
A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this vulnerability is an unknown functionality of the file /OutsideCmd. The manipulation results in weak password recovery. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitation appears to be difficult. It is recommended to upgrade the affected component.
Analysis
Intelbras VIP 3260 Z IA devices running firmware 2.840.00IB005.0.T contain a weak password recovery mechanism in the /OutsideCmd functionality that allows remote attackers with high technical sophistication to potentially compromise authentication controls. The vulnerability carries a CVSS score of 8.1 and currently lacks a patch, requiring organizations to implement compensating controls or consider alternative solutions until remediation is available.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Intelbras VIP 3260 Z IA devices running firmware 2.840.00IB005.0.T and assess network exposure. Within 7 days: Implement network segmentation to restrict access to affected devices and disable remote management if operationally feasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today