216.73.216.6

CVE-2025-63228

· Published 18/11/2025 20:15 · Modified 08/12/2025 14:44

Labels: CVE-2025-63228 2025-11-18CVE-2025-63228CWE-434[email protected]

Essential information

Published
18/11/2025 20:15
Modified
08/12/2025 14:44
Author
Creator
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unauthenticated file upload vulnerability in the /upload_file.php endpoint. An attacker can exploit this by sending a crafted POST request with a malicious file (e.g., a PHP webshell) to the server. The uploaded file is stored in the /upload/ directory, enabling remote code execution and full system compromise.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
dbbroadcast / mozart next 100 firmware cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 100 cpe:2.3:h:dbbroadcast:mozart_next_100:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 1000 firmware cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 1000 cpe:2.3:h:dbbroadcast:mozart_next_1000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 2000 firmware cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 2000 cpe:2.3:h:dbbroadcast:mozart_next_2000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 30 firmware cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 30 cpe:2.3:h:dbbroadcast:mozart_next_30:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 300 firmware cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 300 cpe:2.3:h:dbbroadcast:mozart_next_300:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3000 firmware cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3000 cpe:2.3:h:dbbroadcast:mozart_next_3000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3500 firmware cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 3500 cpe:2.3:h:dbbroadcast:mozart_next_3500:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 50 firmware cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 50 cpe:2.3:h:dbbroadcast:mozart_next_50:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 500 firmware cpe:2.3:o:dbbroadcast:mozart_next_500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 500 cpe:2.3:h:dbbroadcast:mozart_next_500:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 6000 firmware cpe:2.3:o:dbbroadcast:mozart_next_6000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 6000 cpe:2.3:h:dbbroadcast:mozart_next_6000:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 7000 firmware cpe:2.3:o:dbbroadcast:mozart_next_7000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart next 7000 cpe:2.3:h:dbbroadcast:mozart_next_7000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 30 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_30_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 30 cpe:2.3:h:dbbroadcast:mozart_dds_next_30:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 50 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_50_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 50 cpe:2.3:h:dbbroadcast:mozart_dds_next_50:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 100 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_100_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 100 cpe:2.3:h:dbbroadcast:mozart_dds_next_100:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 300 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_300_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 300 cpe:2.3:h:dbbroadcast:mozart_dds_next_300:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 500 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 500 cpe:2.3:h:dbbroadcast:mozart_dds_next_500:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 1000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_1000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 1000 cpe:2.3:h:dbbroadcast:mozart_dds_next_1000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 2000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_2000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 2000 cpe:2.3:h:dbbroadcast:mozart_dds_next_2000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_3000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3000 cpe:2.3:h:dbbroadcast:mozart_dds_next_3000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3500 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_3500_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 3500 cpe:2.3:h:dbbroadcast:mozart_dds_next_3500:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 6000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_6000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 6000 cpe:2.3:h:dbbroadcast:mozart_dds_next_6000:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 7000 firmware cpe:2.3:o:dbbroadcast:mozart_dds_next_7000_firmware:-:*:*:*:*:*:*:*
dbbroadcast / mozart dds next 7000 cpe:2.3:h:dbbroadcast:mozart_dds_next_7000:-:*:*:*:*:*:*:*

References