Description
IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read vulnerability in the dumpConfigFile function accessible via the cgiServer.exx endpoint. Attackers can send GET requests to /cgi-bin/cgiServer.exx with the command parameter containing dumpConfigFile() to read sensitive files including /etc/shadow and configuration files without proper authorization.
Published: 2026-03-11
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read
Action: Immediate Patch
AI Analysis

Impact

Intelbras Telefone IP TIP 200 and TIP 200 LITE expose a vulnerability that allows unauthenticated remote attackers to read any file on the device through the dumpConfigFile function accessed via the cgiServer.exx endpoint. This directly results in loss of confidentiality for configuration files and credentials such as /etc/shadow. The weakness is a classic absolute path traversal (CWE‑73).

Affected Systems

The affected products are Intelbras Telefone IP TIP 200 and Intelbras Telefone IP TIP 200 LITE. No specific firmware or model version information is provided, so the flaw is presumed to exist across the reported variants of these devices.

Risk and Exploitability

The base CVSS score of 8.7 indicates high severity. An EPSS score of less than 1% suggests that exploitation has been uncommon, and the flaw is not listed in CISA’s KEV catalog. Attackers can exploit the issue by sending a simple GET request to /cgi-bin/cgiServer.exx with the command parameter set to dumpConfigFile(), requiring only network reachability to the device and no authentication.

Generated by OpenCVE AI on March 17, 2026 at 15:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the Intelbras website or customer portal for an official firmware update or patch that addresses CVE-2019-25472
  • Apply the identified patch or firmware upgrade to the affected Telefone IP TIP 200 or 200 LITE devices

Generated by OpenCVE AI on March 17, 2026 at 15:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Intelbras
Intelbras telefone Ip Tip 200
Intelbras telefone Ip Tip 200 Lite
Vendors & Products Intelbras
Intelbras telefone Ip Tip 200
Intelbras telefone Ip Tip 200 Lite

Wed, 11 Mar 2026 22:30:00 +0000

Type Values Removed Values Added
References

Wed, 11 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
References

Wed, 11 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 18:45:00 +0000

Type Values Removed Values Added
Description IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read vulnerability in the dumpConfigFile function accessible via the cgiServer.exx endpoint. Attackers can send GET requests to /cgi-bin/cgiServer.exx with the command parameter containing dumpConfigFile() to read sensitive files including /etc/shadow and configuration files without proper authorization.
Title IntelBras Telefone IP TIP200/200 LITE Arbitrary File Read via dumpConfigFile
Weaknesses CWE-73
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Intelbras Telefone Ip Tip 200 Telefone Ip Tip 200 Lite
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-07T14:04:29.982Z

Reserved: 2026-02-22T14:43:03.387Z

Link: CVE-2019-25472

cve-icon Vulnrichment

Updated: 2026-03-11T19:22:52.576Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-11T19:16:01.007

Modified: 2026-03-12T21:08:22.643

Link: CVE-2019-25472

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T15:29:47Z

Weaknesses