CVE-2025-0674
published 2025-02-07CVE-2025-0674: Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality…
PriorityP185critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
3.80%
88.7th percentile
Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionality. Attackers can exploit this issue by
manipulating the endpoint to overwrite any user's password within the
system. This grants them unauthorized administrative access to protected
areas of the application, compromising the device's system security.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elber | cleber_3_broadcast_multi-purpose_platform | — | — |
| elber | ese_dvb-s_s2_satellite_receiver | <= 1.5.179 | — |
| elber | reble610_m_odu_xpic_ip-asi-sdh | — | — |
| elber | signum_dvb-s_s2_ird | <= 1.999 | — |
| elber | wayber_analog_digital_audio_stl | — | — |
Detection & IOCsextracted from sources · hover to see the quote
url/modules/pwd.html
url/json_data/set_pwd?lev=2&pass=admin1234
commandGET /json_data/set_pwd?lev=2&pass=admin1234
- →Probe for the password management page at /modules/pwd.html; a response containing 'Manage system Password' confirms a vulnerable Elber device is present.
- →Exploitation attempt is a single unauthenticated GET to /json_data/set_pwd with query parameters lev and pass; a response body containing 'Apply successfully' confirms successful password overwrite.
- →Use FOFA query 'title="Elber Satellite Equipment" || body="www.elber.it"' to identify internet-exposed Elber devices for targeted scanning.
- →Response keyword 'Apply successfully' in the body of a reply to /json_data/set_pwd indicates the unauthenticated password reset succeeded.
- →Affected products include Signum DVB-S/S2 IRD (≤1.999), Cleber/3 v1.0, Reble610 v0.01, ESE DVB-S/S2 (≤1.5.179), and Wayber v4; fingerprint these version strings during asset discovery. ↗
- ·Elber has confirmed it does not plan to patch these vulnerabilities because the affected equipment is end-of-life or near end-of-life; no vendor fix is forthcoming. ↗
- ·Public exploits are already available for this vulnerability, raising the urgency of network-level controls. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vulncheck9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-prgf-4jmg-r3v9: Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionali
ghsa_unreviewed·2025-02-07
CVE-2025-0674 [CRITICAL] CWE-288 GHSA-prgf-4jmg-r3v9: Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionali
Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionality. Attackers can exploit this issue by
manipulating the endpoint to overwrite any user's password within the
system. This grants them unauthorized administrative access to protected
areas of the application, compromising the device's system security.
VulnCheck
Authentication Bypass Using an Alternate Path or Channel
vulncheck·2025·CVSS 9.3
CVE-2025-0674 [CRITICAL] Authentication Bypass Using an Alternate Path or Channel
Authentication Bypass Using an Alternate Path or Channel
Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionality. Attackers can exploit this issue by
manipulating the endpoint to overwrite any user's password within the
system. This grants them unauthorized administrative access to protected
areas of the application, compromising the device's system security.
Affected: Elber Elber Communications Equipment
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2025-07-18&host_type=src&vulner
CISA ICS
Elber Communications Equipment
cisa_ics·2025-02-04·CVSS 9.3
[CRITICAL] Elber Communications Equipment
ICS Advisory
##
Elber Communications Equipment
Release DateFebruary 04, 2025
Alert CodeICSA-25-035-03
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: Elber
- Equipment: Communications Equipment
- Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Hidden Functionality
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker unauthorized administrative access to the affected device.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Elber Communications Equipment are affected:
- Signum DV
No detection rules found.
Nuclei
Elber ESE DVB-S/S2 - Authentication Bypass
nuclei·CVSS 9.3
CVE-2025-0674 [CRITICAL] Elber ESE DVB-S/S2 - Authentication Bypass
Elber ESE DVB-S/S2 - Authentication Bypass
Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system.
Template:
id: CVE-2025-0674
info:
name: Elber ESE DVB-S/S2 - Authentication Bypass
author: DhiyaneshDK
severity: critical
description: |
Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system.
remediation: |
Apply security patches from Elber or restrict access to the passw
No writeups or analysis indexed.
2025-02-07
Published
Exploited in the wild