9.8

CVE-2025-63217

Exploit

EPSS 0.16%
Veröffentlicht 18.11.2025 00:00:00
Zuletzt bearbeitet 15.01.2026 21:57:14
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Itel ≫ Id Mux Firmware Version-

Itel ≫ Id Mux Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.375

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

https://www.itel.it/

Product

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63217%20_%20Itel%20DAB%20MUX%20Authentication%20Bypass

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-63217

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-63217

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-63217

EUVD