216.73.217.22

CVE-2025-66261

· Published 26/11/2025 01:16 · Modified 03/12/2025 16:51

Labels: CVE-2025-66261 2025-11-26CVE-2025-66261CWE-78b7efe717-a805-47cf-8e9a-921fca0ce0ce

Essential information

Published
26/11/2025 01:16
Modified
03/12/2025 16:51
Author
Creator
CVSS
9.9 CRITICAL (v3) 9.9 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform URL-decoded name parameter passed to exec() allows remote code execution. The `/var/tdf/restore_settings.php` endpoint passes user-controlled `$_GET["name"]` parameter through `urldecode()` directly into `exec()` without validation or escaping. Attackers can inject arbitrary shell commands using metacharacters (`;`, `|`, `&&`, etc.) to achieve unauthenticated remote code execution as the web server user.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
b7efe717-a805-47cf-8e9a-921fca0ce0ce
NVD
View on NVD

Affected products (CPE)

ProductCPE
dbbroadcast / mozart next 100 firmware cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 100 cpe:2.3:h:dbbroadcast:mozart_next_100:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 1000 firmware cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 1000 cpe:2.3:h:dbbroadcast:mozart_next_1000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 2000 firmware cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 2000 cpe:2.3:h:dbbroadcast:mozart_next_2000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 30 firmware cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 30 cpe:2.3:h:dbbroadcast:mozart_next_30:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 300 firmware cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 300 cpe:2.3:h:dbbroadcast:mozart_next_300:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3000 firmware cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3000 cpe:2.3:h:dbbroadcast:mozart_next_3000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3500 firmware cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3500 cpe:2.3:h:dbbroadcast:mozart_next_3500:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 50 firmware cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 50 cpe:2.3:h:dbbroadcast:mozart_next_50:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 500 firmware cpe:2.3:o:dbbroadcast:mozart_next_500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 500 cpe:2.3:h:dbbroadcast:mozart_next_500:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 6000 firmware cpe:2.3:o:dbbroadcast:mozart_next_6000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 6000 cpe:2.3:h:dbbroadcast:mozart_next_6000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 7000 firmware cpe:2.3:o:dbbroadcast:mozart_next_7000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 7000 cpe:2.3:h:dbbroadcast:mozart_next_7000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 30 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_30_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 30 cpe:2.3:h:dbbroadcast:mozart_dds_next_30:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 50 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_50_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 50 cpe:2.3:h:dbbroadcast:mozart_dds_next_50:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 100 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_100_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 100 cpe:2.3:h:dbbroadcast:mozart_dds_next_100:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 300 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_300_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 300 cpe:2.3:h:dbbroadcast:mozart_dds_next_300:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 500 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 500 cpe:2.3:h:dbbroadcast:mozart_dds_next_500:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 1000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_1000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 1000 cpe:2.3:h:dbbroadcast:mozart_dds_next_1000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 2000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_2000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 2000 cpe:2.3:h:dbbroadcast:mozart_dds_next_2000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_3000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3000 cpe:2.3:h:dbbroadcast:mozart_dds_next_3000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3500 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_3500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3500 cpe:2.3:h:dbbroadcast:mozart_dds_next_3500:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 6000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_6000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 6000 cpe:2.3:h:dbbroadcast:mozart_dds_next_6000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 7000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_7000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 7000 cpe:2.3:h:dbbroadcast:mozart_dds_next_7000:-:*:*:*:*:*:*:*

References