CVE-2025-67070

{"id": "CVE-2025-67070", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2026-01-09T19:16:06.990", "references": [{"url": "https://github.com/teteco/intelbras-cftv-admin-bypass", "source": "cve@mitre.org"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-288"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unauthenticated attacker to bypass the multi-factor authentication (MFA) mechanism during the password recovery process. This results in the ability to change the admin password and gain full access to the administrative panel."}, {"lang": "es", "value": "Una vulnerabilidad existe en Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, que permite a un atacante no autenticado eludir el mecanismo de autenticaci\u00f3n multifactor (MFA) durante el proceso de recuperaci\u00f3n de contrase\u00f1a. Esto resulta en la capacidad de cambiar la contrase\u00f1a de administrador y obtener acceso completo al panel administrativo."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "cve@mitre.org"}