CVE-2025-66252— DB Electronica Mozart FM Transmitter 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-66252の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Infinite Loop Denial of Service via Failed File Deletion
ソース: NVD (National Vulnerability Database)
脆弱性説明
Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink() fails in status_contents.php causing DoS. Due to the fact that the unlink operation is done in a while loop; if an immutable file is specified or otherwise a file in which the process has no permissions to delete; it would repeatedly attempt to do in a loop.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
不可达退出条件的循环(无限循环)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
DB Electronica Mozart FM Transmitter 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
DB Electronica Mozart FM Transmitter是意大利DB Electronica公司的一个专业级FM广播发射机系列。 DB Electronica Mozart FM Transmitter 30版本、50版本、100版本、300版本、500版本、1000版本、2000版本、3000版本、3500版本、6000版本和7000版本存在安全漏洞,该漏洞源于status_contents.php中unlink失败导致无限循环,可能导致拒绝服务。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| DB Electronica Telecomunicazioni S.p.A. | Mozart FM Transmitter | 30 | - |
II. CVE-2025-66252の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-66252のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · DB Electronica Telecomunicazioni S.p.A. · 2025-11-26 · 14 CVEs total
| CVE-2025-66257 | Unauthenticated Arbitrary File Deletion (patch_contents.php) | |
| CVE-2025-66256 | Unauthenticated Arbitrary File Upload (patch_contents.php) | |
| CVE-2025-66255 | Unauthenticated Arbitrary File Upload (upgrade_contents.php) | |
| CVE-2025-66253 | Unauthenticated OS Command Injection (start_upgrade.php) | |
| CVE-2025-66254 | Unauthenticated Arbitrary File Deletion (upgrade_contents.php) | |
| CVE-2025-66250 | Unauthenticated Arbitrary File Upload (status_contents.php) | |
| CVE-2025-66251 | Unauthenticated Path Traversal with Arbitrary File Deletion | |
| CVE-2025-66262 | Arbitrary File Overwrite via Tar Extraction Path Traversal | |
| CVE-2025-66259 | Authenticated Root Remote Code Execution through improper filtering of HTTP post request p | |
| CVE-2025-66263 | Unauthenticated Arbitrary File Read via Null Byte Injection | |
| CVE-2025-66258 | Stored Cross-Site Scripting via XML Injection | |
| CVE-2025-66260 | PostgreSQL SQL Injection (status_sql.php) | |
| CVE-2025-66261 | Unauthenticated OS Command Injection (restore_settings.php) |
IV. 関連脆弱性
同じ製品: Mozart FM Transmitter
- CVE-2025-66263
Unauthenticated Arbitrary File Read via Null Byte Injection - CVE-2025-66262
Arbitrary File Overwrite via Tar Extraction Path Traversal - CVE-2025-66261
Unauthenticated OS Command Injection (restore_settings.php) - CVE-2025-66260
PostgreSQL SQL Injection (status_sql.php) - CVE-2025-66259
Authenticated Root Remote Code Execution through improper fi
- CVE-2025-66263
Unauthenticated Arbitrary File Read via Null Byte Injection - CVE-2025-66262
Arbitrary File Overwrite via Tar Extraction Path Traversal - CVE-2025-66261
Unauthenticated OS Command Injection (restore_settings.php) - CVE-2025-66260
PostgreSQL SQL Injection (status_sql.php) - CVE-2025-66259
Authenticated Root Remote Code Execution through improper fi
同じ弱点: CWE-835
- CVE-2026-42310
Pillow: PDF Parsing Trailer Infinite Loop (DoS) - CVE-2026-41511
OpenMcdf has an Infinite loop DoS via crafted CFB directory - CVE-2026-5407
Loop with Unreachable Exit Condition ('Infinite Loop') in Wi - CVE-2026-6536
Loop with Unreachable Exit Condition ('Infinite Loop') in Wi - CVE-2026-6534
Loop with Unreachable Exit Condition ('Infinite Loop') in Wi
V. CVE-2025-66252へのコメント
まだコメントはありません