PT-2025-47410 · Itel · Itel Dab Mux

Published: 2025-11-18 · Updated: 2025-11-19 · CVE-2025-63217

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Itel DAB MUX versions (affected versions not specified)

Description

The Itel DAB MUX (IDMUX build c041640a) has a flaw in how it verifies JWT (JSON Web Token) authentication. This allows an attacker who has a valid JWT token from one device to use it to gain administrative access to any other device running the same firmware, regardless of the passwords or network configurations. This can lead to a complete compromise of the affected devices. The issue stems from improper JWT validation across devices.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
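
An added illustration of the weakness class in the Description, written for this page and not taken from Itel's firmware or from the advisory. The advisory does not state the root cause, so the sketch assumes every unit verifies tokens with the same firmware-wide HS256 key and checks no device-bound claim; the key values, unit names and the `aud` binding are constructed, and expiry handling is left out. It contrasts that verifier with one that uses a per-unit key and an audience check.

```python
import base64, hashlib, hmac, json, secrets

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims, key):
    """Issue an HS256 JWT, as a unit's login endpoint would."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"

def verify(token, key, device_id=None):
    """Return the claims if the token is valid for this unit, else None.
    device_id=None skips the audience check (the assumed weak behaviour)."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_unb64(head)).get("alg") != "HS256":
            return None  # pin the algorithm instead of trusting the header
        want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, _unb64(sig)):
            return None  # signature was not made with this unit's key
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError, AttributeError):
        return None      # malformed token
    if device_id is not None and claims.get("aud") != device_id:
        return None      # token was issued for a different unit
    return claims

# Constructed scenario: two units, "unit-A" and "unit-B".
FIRMWARE_KEY = b"constructed-key-shared-by-image"  # assumed flaw: same on all units
KEY_A = secrets.token_bytes(32)  # hardened: generated on unit A at first boot
KEY_B = secrets.token_bytes(32)  # hardened: generated on unit B at first boot

def demo():
    weak_tok = sign({"sub": "admin"}, FIRMWARE_KEY)            # issued by unit A
    hard_tok = sign({"sub": "admin", "aud": "unit-A"}, KEY_A)  # issued by unit A
    return {
        "weak_B_accepts_A": verify(weak_tok, FIRMWARE_KEY) is not None,
        "hard_A_accepts_A": verify(hard_tok, KEY_A, "unit-A") is not None,
        "hard_B_accepts_A": verify(hard_tok, KEY_B, "unit-B") is not None,
    }

if __name__ == "__main__":
    print(demo())
```

Either control alone already rejects the foreign token in this model; using both means a leaked key from one unit or a missing `aud` check does not reopen cross-device acceptance.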

Exploit

Authentication Bypass Using an Alternate Path or Channel

Weakness Enumeration

Related Identifiers

CVE-2025-63217

Affected Products

Itel Dab Mux