CVE-2020-24285 – This vulnerability in INTELBRAS TELEFONE IP TIP... (How to Fix)

Q: What is the severity of CVE-2020-24285?

CVE-2020-24285 has a CVSS score of 7.5 (HIGH). This vulnerability in INTELBRAS TELEFONE IP TIP200 allows attackers to access sensitive information through the /cgi-bin/cgiServer.exx endpoint without authentication. It affects users of this specific VoIP phone model running vulnerable firmware. The exposed information could include credentials, configuration data, or other system details.

📋 TL;DR

This vulnerability in INTELBRAS TELEFONE IP TIP200 allows attackers to access sensitive information through the /cgi-bin/cgiServer.exx endpoint without authentication. It affects users of this specific VoIP phone model running vulnerable firmware. The exposed information could include credentials, configuration data, or other system details.

💻 Affected Systems

Products:

INTELBRAS TELEFONE IP TIP200

Versions: 60.61.75.22

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Devices with web interface accessible are vulnerable. The vulnerability appears to be in the CGI server component.

📦 What is this software?

Tip200 Firmware by Intelbras

View all CVEs affecting Tip200 Firmware →

Tip200lite Firmware by Intelbras

View all CVEs affecting Tip200lite Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers obtain administrative credentials, compromise the entire VoIP system, conduct eavesdropping, or pivot to other network resources.

🟠

Likely Case

Attackers harvest sensitive configuration data, user credentials, or call records from vulnerable devices.

🟢

If Mitigated

Information exposure limited to non-critical data if proper network segmentation and access controls are implemented.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Simple HTTP request to the vulnerable endpoint can expose information. GitHub repository contains details and potentially exploit code.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://intelbras.com

Restart Required: No

Instructions:

1. Check Intelbras website for firmware updates. 2. If update available, download from vendor portal. 3. Upload firmware to device via web interface. 4. Apply update and verify version change.

🔧 Temporary Workarounds

Network Access Restriction

linux

Block external access to device web interface

iptables -A INPUT -p tcp --dport 80 -s ! TRUSTED_NETWORK -j DROP
iptables -A INPUT -p tcp --dport 443 -s ! TRUSTED_NETWORK -j DROP

Disable Web Interface

all

Turn off HTTP/HTTPS services if not required

Check device configuration for web interface toggle

🧯 If You Can't Patch

Segment VoIP devices on isolated network VLAN
Implement strict firewall rules allowing only necessary SIP/RTP traffic

🔍 How to Verify

Check if Vulnerable:

Attempt HTTP GET request to http://DEVICE_IP/cgi-bin/cgiServer.exx and check if sensitive information is returned

Check Version:

Check device web interface or use SNMP query for firmware version

Verify Fix Applied:

Same request should return error or no sensitive data after patching

📡 Detection & Monitoring

Log Indicators:

Multiple requests to /cgi-bin/cgiServer.exx
Unusual access patterns to device web interface

Network Indicators:

HTTP requests to /cgi-bin/cgiServer.exx from untrusted sources
Large data transfers from device on unusual ports

SIEM Query:

source_ip=* AND dest_ip=VOIP_DEVICE AND url_path="/cgi-bin/cgiServer.exx"

📊 Metadata

CVE ID: CVE-2020-24285

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Published: April 12, 2021

Last Updated: November 21, 2024

🔗 References

http://intelbras.com Vendor Advisory
https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip200.md Exploit,Third Party Advisory
http://intelbras.com Vendor Advisory
https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip200.md Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON