PT-2025-53594 · Etl Systems · Dextra Series Digital L-Band Distribution System
Hiky8
·
Published
2025-12-26
·
Updated
2025-12-26
·
CVE-2025-67013
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ETL Systems Ltd DEXTRA Series Digital L-Band Distribution System version 1.8
Description
The web management interface lacks Cross-Site Request Forgery (CSRF) protection mechanisms, specifically missing tokens and Origin/Referer validation, on critical configuration endpoints. This could allow an attacker to perform unauthorized actions on behalf of an authenticated user.
Recommendations
Apply updates to address the missing CSRF protection mechanisms on critical configuration endpoints in version 1.8.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dextra Series Digital L-Band Distribution System