Dbbroadcast

Mozart Dds Next 3000 Firmware

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-66263

Exploit
  • EPSS 0.05%
  • Veröffentlicht 26.11.2025 01:16:09
  • Zuletzt bearbeitet 03.12.2025 16:52:03

Unauthenticated Arbitrary File Read via Null Byte Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Null byte injection in downl...

9.8

CVE-2025-66262

Exploit
  • EPSS 0.14%
  • Veröffentlicht 26.11.2025 01:16:09
  • Zuletzt bearbeitet 03.12.2025 16:51:48

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allo...

9.8

CVE-2025-66261

Exploit
  • EPSS 0.63%
  • Veröffentlicht 26.11.2025 01:16:09
  • Zuletzt bearbeitet 03.12.2025 16:51:29

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform URL-decoded name parameter p...

6.5

CVE-2025-66260

Exploit
  • EPSS 0.04%
  • Veröffentlicht 26.11.2025 01:16:09
  • Zuletzt bearbeitet 03.12.2025 16:51:12

PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in st...

9.8

CVE-2025-66259

Exploit
  • EPSS 0.44%
  • Veröffentlicht 26.11.2025 01:16:09
  • Zuletzt bearbeitet 03.12.2025 16:50:43

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in main_ok.ph...

5.4

CVE-2025-66258

Exploit
  • EPSS 0.04%
  • Veröffentlicht 26.11.2025 01:16:09
  • Zuletzt bearbeitet 03.12.2025 16:50:30

Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Stored XSS via crafted filenames injected ...

9.1

CVE-2025-66257

Exploit
  • EPSS 0.12%
  • Veröffentlicht 26.11.2025 00:43:54
  • Zuletzt bearbeitet 03.12.2025 16:50:15

Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deletepatch parameter a...

9.8

CVE-2025-66256

Exploit
  • EPSS 0.08%
  • Veröffentlicht 26.11.2025 00:41:08
  • Zuletzt bearbeitet 03.12.2025 17:15:54

Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Unrestricted file upload in p...

9.8

CVE-2025-66255

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.11.2025 00:39:56
  • Zuletzt bearbeitet 03.12.2025 16:48:27

Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Missing signature validatio...

9.1

CVE-2025-66254

Exploit
  • EPSS 0.12%
  • Veröffentlicht 26.11.2025 00:37:48
  • Zuletzt bearbeitet 03.12.2025 16:47:59

Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deleteupgrade paramet...