CVE-2025-66262— DB Electronica Mozart FM Transmitter 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-66262の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Arbitrary File Overwrite via Tar Extraction Path Traversal
ソース: NVD (National Vulnerability Database)
脆弱性説明
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive. The `restore_mozzi_memories.sh` script extracts user-controlled tar archives with `-C /` flag, depositing contents to the filesystem root without path validation. When combined with the unauthenticated file upload vulnerabilities (CVE-01, CVE-06, CVE-07), attackers can craft malicious .tgz archives containing path-traversed filenames (e.g., `etc/shadow`, `var/www/index.php`) to overwrite critical system files in writable directories, achieving full system compromise.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
对路径名的限制不恰当(路径遍历)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
DB Electronica Mozart FM Transmitter 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
DB Electronica Mozart FM Transmitter是意大利DB Electronica公司的一个专业级FM广播发射机系列。 DB Electronica Mozart FM Transmitter 30版本、50版本、100版本、300版本、500版本、1000版本、2000版本、3000版本、3500版本、6000版本和7000版本存在安全漏洞,该漏洞源于tar提取路径遍历,可能导致任意文件覆盖。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| DB Electronica Telecomunicazioni S.p.A. | Mozart FM Transmitter | 30 | - |
II. CVE-2025-66262の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-66262のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · DB Electronica Telecomunicazioni S.p.A. · 2025-11-26 · 14 CVEs total
| CVE-2025-66257 | Unauthenticated Arbitrary File Deletion (patch_contents.php) | |
| CVE-2025-66256 | Unauthenticated Arbitrary File Upload (patch_contents.php) | |
| CVE-2025-66252 | Infinite Loop Denial of Service via Failed File Deletion | |
| CVE-2025-66255 | Unauthenticated Arbitrary File Upload (upgrade_contents.php) | |
| CVE-2025-66253 | Unauthenticated OS Command Injection (start_upgrade.php) | |
| CVE-2025-66254 | Unauthenticated Arbitrary File Deletion (upgrade_contents.php) | |
| CVE-2025-66250 | Unauthenticated Arbitrary File Upload (status_contents.php) | |
| CVE-2025-66251 | Unauthenticated Path Traversal with Arbitrary File Deletion | |
| CVE-2025-66259 | Authenticated Root Remote Code Execution through improper filtering of HTTP post request p | |
| CVE-2025-66263 | Unauthenticated Arbitrary File Read via Null Byte Injection | |
| CVE-2025-66258 | Stored Cross-Site Scripting via XML Injection | |
| CVE-2025-66260 | PostgreSQL SQL Injection (status_sql.php) | |
| CVE-2025-66261 | Unauthenticated OS Command Injection (restore_settings.php) |
IV. 関連脆弱性
同じ製品: Mozart FM Transmitter
- CVE-2025-66263
Unauthenticated Arbitrary File Read via Null Byte Injection - CVE-2025-66261
Unauthenticated OS Command Injection (restore_settings.php) - CVE-2025-66260
PostgreSQL SQL Injection (status_sql.php) - CVE-2025-66259
Authenticated Root Remote Code Execution through improper fi - CVE-2025-66258
Stored Cross-Site Scripting via XML Injection
- CVE-2025-66263
Unauthenticated Arbitrary File Read via Null Byte Injection - CVE-2025-66261
Unauthenticated OS Command Injection (restore_settings.php) - CVE-2025-66260
PostgreSQL SQL Injection (status_sql.php) - CVE-2025-66259
Authenticated Root Remote Code Execution through improper fi - CVE-2025-66258
Stored Cross-Site Scripting via XML Injection
同じ弱点: CWE-22
- CVE-2026-8274
npitre cramfs-tools Directory cramfsck.c do_directory path t - CVE-2022-50956
WordPress Plugin amministrazione-aperta 3.7.3 Local File Rea - CVE-2026-8215
Industrial Application Software IAS Canias ERP RMI iasReques - CVE-2026-42605
AzuraCast: Path Traversal in `currentDirectory` Parameter En - CVE-2026-42574
apko dirFS has a symlink-following path traversal that allow
V. CVE-2025-66262へのコメント
まだコメントはありません