Cyber Resilience

CVE-2025-50404

Medium · Public PoC

Published: 01 July 2025

Modified: 20 August 2025
KEV Added
Patch
CVSS Score v3.1: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
EPSS Score: 0.0044 (63.6th percentile)
Risk Priority: 11 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-50404 is a medium-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Intelbras Rx 1500 Firmware. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 36.4% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

EU & UK References

Vulnerability details

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when processing the "command" field of the HTTP header, causing the array to cross the boundary and overwrite other fields in the array.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190: Exploit Public-Facing Application (Tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The integer overflow in the websReadEvent function of the Intelbras RX1500 Router's web interface allows boundary-crossing array overwrites via crafted HTTP 'command' headers, enabling remote exploitation of a public-facing application.

Affected Assets

Vendor: intelbras
Product: rx 1500 firmware
Affected versions: ≤ 2.2.17

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References