PT-2025-48115 · Db Elettronica Telecomunicazioni Spa · Mozart Fm Transmitter

Abdul Mhanni · Published 2025-11-26 · Updated 2025-12-24 · CVE-2025-66261

CVSS v4.0: 9.9 Critical

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions

DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30 through 7000

Description

The software contains an unauthenticated OS Command Injection issue in the restore_settings.php file. The /var/tdf/restore_settings.php API endpoint accepts a name parameter via a GET request. This user-controlled name parameter is URL-decoded and then passed directly to the exec() function without proper validation or escaping. This allows attackers to inject arbitrary shell commands using metacharacters such as ;, |, and && and execute code remotely on the system as the web server user. The vulnerable input is the $_GET["name"] variable.

Recommendations

Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000 and 7000 should be updated.
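
A defender-side check for the injection described above, as an added example (not code from the advisory or the vendor): it scans web server access logs for requests to restore_settings.php whose name value, after repeated URL-decoding, is not a plain file name. The combined log format, the allow-list pattern, the URL path and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

ENDPOINT = "restore_settings.php"  # file named in the advisory
# Assumption: legitimate name values are plain file names.
SAFE_NAME = re.compile(r"[A-Za-z0-9._-]{1,128}")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

SAMPLE_LOG = [  # constructed lines, combined log format, documentation IPs
    '192.0.2.10 - - [01/Dec/2025:10:00:01 +0000] "GET /restore_settings.php?name=backup_2025.tgz HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Dec/2025:10:02:13 +0000] "GET /restore_settings.php?name=x%3Bid HTTP/1.1" 200 87',
    '198.51.100.7 - - [01/Dec/2025:10:02:20 +0000] "GET /restore_settings.php?name=x%257Cid HTTP/1.1" 200 87',
    '192.0.2.10 - - [01/Dec/2025:10:03:00 +0000] "GET /index.php?name=a%3Bb HTTP/1.1" 200 900',
]

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding: the endpoint URL-decodes the value again before exec()."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_names(log_line):
    """Return decoded name values on this line that are not plain file names."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.endswith("/" + ENDPOINT):
        return []
    names = [fully_decode(v) for v in parse_qs(url.query, keep_blank_values=True).get("name", [])]
    return [n for n in names if not SAFE_NAME.fullmatch(n)]

def scan(lines):
    """Return (line_number, suspicious_values) for every line that needs review."""
    return [(i, hits) for i, line in enumerate(lines, 1) if (hits := suspicious_names(line))]

if __name__ == "__main__":
    for line_no, hits in scan(SAMPLE_LOG):
        print(f"line {line_no}: suspicious name value(s): {hits}")
```

Because the endpoint is unauthenticated, any hit against an exposed transmitter is worth triaging together with the source address and response size on the same log line.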

Exploit

Fix

RCE

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2025-66261

Affected Products

Mozart Fm Transmitter