CVE-2025-66259

Severity CVSS v4.0:

CRITICAL

Type:

CWE-20 Input Validation

Publication date:

26/11/2025

Last modified:

03/12/2025

Description

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in main_ok.php user supplied data/hour/time is passed directly into date shell command

Impact

Vector 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N CVSS v4.0 Severity and Metrics:

Base Score: 9.30 CRITICAL
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Attack Vector (AV): Network
Attack Complexity (AC): Low
Attack Requirements (AT): None
Privileges Required (PR): High
User Interaction (UI): None
Confidentiality (VC): High
Integrity (VI): High
Availability (VA): None
Confidentiality (SC): High
Integrity (SI): High
Availability (SA): None

Base Score 4.0

9.30

Severity 4.0

CRITICAL

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS v3.1 Severity and Metrics:

Base Score: 9.80 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

Base Score 3.x

9.80

Severity 3.x

CRITICAL

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_100:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_1000:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_2000:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_30:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_300:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_3000:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_3500:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-:::::::*

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

https://www.abdulmhsblog.com/posts/webfmvulns/

CPE	From	Up to
cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_100:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_1000:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_2000:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_30:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_300:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_3000:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-:::::::*
cpe:2.3:h:dbbroadcast:mozart_next_3500:-:::::::*
cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-:::::::*