CVE-2025-50404

{"id": "CVE-2025-50404", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-07-01T15:15:26.043", "references": [{"url": "https://github.com/feiwuxingxie/cve/blob/main/Intelbras/vul01/01.md", "source": "cve@mitre.org"}, {"url": "https://www.intelbras.com/en", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the \"command\" field of the http header, causing the array to cross the boundary and overwrite other fields in the array."}, {"lang": "es", "value": "Intelbras RX1500 Router v2.2.17 y versiones anteriores es vulnerable a desbordamiento de enteros. La funci\u00f3n websReadEvent utiliza incorrectamente el tipo int al procesar el campo \"command\" del encabezado http, lo que provoca que la matriz cruce el l\u00edmite y sobrescriba otros campos de la matriz."}], "lastModified": "2025-07-08T16:15:58.260", "sourceIdentifier": "cve@mitre.org"}