CVE-2025-63225

Name of the Vulnerable Software and Affected Versions Eurolab ELTS100 UBX version ELTS100v1.UBX

Description The Eurolab ELTS100 UBX device is subject to Broken Access Control because of a lack of authentication on critical administrative endpoints. Attackers can directly access and modify sensitive system and network configurations, upload firmware, and execute unauthorized actions without authentication. This allows remote attackers to fully compromise the device, control its functionality, and disrupt its operation.

Recommendations Apply authentication mechanisms to all critical administrative endpoints to prevent unauthorized access and modification of system configurations and firmware.