PT-2025-48107 · Db Elettronica Telecomunicazioni Spa · Mozart Fm Transmitter

Abdul Mhanni · Published 2025-11-26 · Updated 2025-12-24 · CVE-2025-66255

CVSS v4.0: 9.9 (Critical)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000

Description

An unauthenticated arbitrary file upload issue exists in the upgrade contents.php component of the software. The firmware upgrade endpoint accepts arbitrary file uploads without validating file headers, cryptographic signatures, or enforcing .tgz format requirements, which allows for malicious firmware injection and subsequent remote code execution. The upgrade contents.php endpoint is vulnerable.

Recommendations

Versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 should be updated to a fixed version. As a temporary workaround, restrict access to the upgrade contents.php endpoint.
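
The three checks the description lists as missing (authenticity, file header, .tgz format), sketched as an added example; this is not the vendor's code or its fix. The function names, the key, and the sample archive are hypothetical, and HMAC-SHA256 stands in for a vendor public-key signature so the example needs only the standard library.

```python
import hashlib, hmac, io, tarfile, zlib

GZIP_MAGIC = b"\x1f\x8b\x08"  # gzip ID bytes followed by the deflate method byte

class RejectedUpload(Exception):
    """Raised when an uploaded image fails a check."""

def make_tag(key: bytes, blob: bytes) -> bytes:
    # Stand-in for a vendor signature: HMAC-SHA256 keeps the example stdlib-only.
    # A fielded device should verify a public-key signature instead, so that
    # no signing secret is stored on the transmitter.
    return hmac.new(key, blob, hashlib.sha256).digest()

def validate_firmware(blob: bytes, tag: bytes, key: bytes) -> list:
    """Return archive member names if blob is an authentic .tgz, else raise."""
    # 1. Authenticity over the raw bytes, before any parser touches them.
    if not hmac.compare_digest(make_tag(key, blob), tag):
        raise RejectedUpload("authentication tag mismatch")
    # 2. File header: the upload must start like a gzip stream.
    if not blob.startswith(GZIP_MAGIC):
        raise RejectedUpload("not a gzip stream")
    # 3. Format: it must decompress and parse as a non-empty tar archive.
    try:
        with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
            names = tar.getnames()
    except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
        raise RejectedUpload(f"not a valid .tgz: {exc}") from exc
    if not names:
        raise RejectedUpload("empty archive")
    return names

def build_sample_tgz() -> bytes:
    """Constructed sample input: a one-file .tgz built in memory."""
    data, buf = b"version=constructed-sample\n", io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo("manifest.txt")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def check(blob: bytes, tag: bytes, key: bytes) -> str:
    try:
        return "accepted: " + ", ".join(validate_firmware(blob, tag, key))
    except RejectedUpload as exc:
        return f"rejected: {exc}"

if __name__ == "__main__":
    key = b"constructed-demo-key"
    good, other = build_sample_tgz(), b"constructed non-archive bytes"
    print(check(good, make_tag(key, good), key))    # authentic archive
    print(check(other, make_tag(key, good), key))   # tag does not cover it
    print(check(other, make_tag(key, other), key))  # tagged, but not a .tgz
```

The tag is verified before the header and format checks so that unauthenticated bytes never reach the gzip or tar parsers.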

Exploit

Fix

RCE

Insufficient Verification of Data Authenticity

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2025-66255

Affected Products

Mozart Fm Transmitter