CVE-2025-66262

Name of the Vulnerable Software and Affected Versions DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30 through 7000

Description A flaw exists that allows arbitrary file overwrites through a Tar extraction path traversal. The restore mozzi memories.sh script extracts user-controlled tar archives using the -C / flag, which deposits contents to the filesystem root without path validation. This, combined with unauthenticated file upload issues, enables attackers to create malicious archives containing path-traversed filenames (for example, etc/shadow, var/www/index.php) to overwrite critical system files in writable directories, potentially leading to full system compromise.

Recommendations versions 30 through 7000: Apply a patch to prevent the use of the -C / flag during tar extraction and implement path validation for extracted files.