DB Electronica Mozart FM Transmitter Authenticated Unrestricted File Upload (CVE-2025-63227)

Key Information Summary Vulnerability Details CVE ID: CVE-2025-63227 Vulnerability Name: DB Electronica Mozart FM Transmitter Authenticated File Upload Vulnerability Vendor: DB Electronica Telecomunicazioni S.p.A. Vendor Homepage: https://www.dbbroadcast.com/ Affected Scope Affected Product: Mozart FM Transmitter Affected Firmware/Software Versions: 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 Vulnerability Type Attack Type: File Upload Vulnerability Classification: Unrestricted File Upload Vulnerability Impact Severity: Critical Description: Authenticated users can upload files via the endpoint without proper validation or sanitization. Attackers can exploit this vulnerability to upload malicious files (e.g., PHP webshells), then execute arbitrary commands on the server by accessing the webshell located in the directory, ultimately achieving full system control. Affected Component Web management interface of DB Electronica Mozart FM Transmitter Attack Vector Access Method: Remote access via web interface Authentication Required: Administrator login required Exploit Complexity: Low Example Impact Execution: Uploading the webshell allows attackers to directly execute system commands on the server. Result: Attackers gain full control over the system, including modifying files, extracting sensitive information, or escalating privileges. Vulnerability Type Information Vulnerability Type: Unrestricted File Upload CWE-ID: CWE-434 Definition: Software allows file uploads without sufficient validation, potentially leading to remote code execution, malware distribution, or other malicious activities. Impact Information Impact Types: - Execute arbitrary commands on the server. - Gain higher privileges on the system. - Access or extract sensitive information. - Full control over the server. Proof of Concept (PoC) Steps to reproduce: 1. Log in to the Mozart FM Transmitter’s web interface as an administrator. 2. Navigate to the endpoint. 3. Upload a malicious PHP webshell (e.g., ). 4. Access the uploaded file at . 5. Execute arbitrary system commands via the webshell interface. Example Webshell (PHP) Recommended Mitigation Measures File Type Validation: Restrict uploads to specific, safe file types (e.g., or for patches). File Content Validation: Use server-side checks to ensure uploaded file contents match expected formats. Storage Restrictions: Store uploaded files outside web-accessible directories. Authentication Controls: Strengthen authentication mechanisms to prevent unauthorized access. Access Controls: Restrict access to the endpoint to authorized personnel only. Logging: Log file upload activities for auditing and monitoring. Testing: Conduct regular security testing to detect file upload vulnerabilities.

Goal Reached Thanks to every supporter — we hit 100%!

DB Electronica Mozart FM Transmitter Authenticated Unrestricted File Upload (CVE-2025-63227)

More from this source