FKIE_CVE-2025-66259
Vulnerability from fkie_nvd - Published: 2025-11-26 01:16 - Updated: 2025-12-03 16:50
Severity ?
Summary
Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in main_ok.php user supplied data/hour/time is passed directly into date shell command
References
| URL | Tags | ||
|---|---|---|---|
| b7efe717-a805-47cf-8e9a-921fca0ce0ce | https://www.abdulmhsblog.com/posts/webfmvulns/ | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B25533-2EF5-4158-9505-1CD18463DB68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7834E460-78EE-456A-84F7-0DECE004BD80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3497F7E-0433-444B-A58A-A795C8833966",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEB3E77-E3D8-4878-BBE3-74530F3469B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A975C91C-59BD-44AC-9F67-0682CE173738",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F30F6688-FCDA-4BA5-ABD9-0EB91CDF7631",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B57D15-6192-4D68-9CC5-726E052E7DDD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1C3BA1-3E25-474B-B2A4-97136D6287BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0130D6C-CE17-4046-B0EB-0AD2DA7DC6AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A04E5386-2B8E-4E5E-9766-CEA4887265D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F5D088-18AE-4388-83D7-66EBF03B3091",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5427DF7-CBAB-4BB9-9175-B7EC7012EAD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "285B4AB4-1F69-445E-B2D3-A0C140B55990",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90E84970-55F7-41CB-814E-085BACFAAA91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD961FB-E86A-4346-9B8D-3658C7BD818F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56699CC2-C823-4397-8C76-BC165E48D6E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93081491-7BD5-4AD8-B9A9-4017BD531955",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D2A2EE-4D89-40F7-82CF-15B01BCCA5D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47A934D3-C948-4618-8B1F-5C69FBE404D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4CEBFA-FFFA-48C0-AF1A-2FF83B9881B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96CBA55F-3917-4E2D-80DF-3F13B1089E1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D56DC454-9330-48A3-9297-1DF0609774EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_30_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51C964CD-4DFC-490B-87BE-5BF6A8C31818",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1A32EF5-D307-4012-A0F5-F12CA14256B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA06D91-2A84-4980-B025-E2AB6B7A4A2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E965758E-A526-47B0-81DB-F1A253F1DA09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "406B147C-3918-4DBA-B26A-68A3FB569D80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CBCB7BF-0053-4D3C-823F-C7D1465AF024",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04FB53B4-6B83-42FA-9959-03652DD7A26F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE66740-2E9E-40B1-AA15-EAB1A5574C9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C733E9-67C2-415D-BBAE-85DD5E5B775A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F40B30CD-8FF7-403D-A882-AECF0331255B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7AA00D-A38B-409D-8258-C0222499287F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6949E5-3C57-4298-8E06-F1A034321755",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_2000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD39D574-E20A-4592-A65E-12B3F8707F47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8557A5A5-871A-48FC-BA63-C0BB1D649C86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "312829A7-688F-4949-A373-9E55FEE7DBAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD7B722-A221-47CA-8E2E-4BD27E57DDE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_3500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64F7857F-A7D7-4A54-BF1B-47CE856EDFDD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9ADD17-C038-48A6-9E77-7EE16288261C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_6000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "356E12B5-32FF-4114-9DD4-1972D2FAB281",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7315EAF4-23FD-4410-A477-3AA1F822C268",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91C3B94F-F8A6-49F6-86E9-2FFFB8CF2E8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F451E5A5-3429-4AEC-A968-A25C2C232C5A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in main_ok.php user supplied data/hour/time is passed directly into date shell command"
}
],
"id": "CVE-2025-66259",
"lastModified": "2025-12-03T16:50:43.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce",
"type": "Secondary"
}
]
},
"published": "2025-11-26T01:16:09.293",
"references": [
{
"source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.abdulmhsblog.com/posts/webfmvulns/"
}
],
"sourceIdentifier": "b7efe717-a805-47cf-8e9a-921fca0ce0ce",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…