DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter vulnerabilities
14 known vulnerabilities affecting db_electronica_telecomunicazioni_s.p.a/mozart_fm_transmitter.
Total CVEs: 14
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 10, HIGH 2, MEDIUM 2
Vulnerabilities
CVE-2025-66261 | P2 | CRITICAL | CVSS 9.8 | CWE-78 | v30, v50, +9 more | 2025-11-26
Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. A URL-decoded name parameter passed to exec() allows remote code execution.
The `/var/tdf/restore_settings.php` endpoint passes us
nvd
CVE-2025-66253 | P2 | CRITICAL | CVSS 9.8 | CWE-78 | v30, v50, +9 more | 2025-11-26
Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. User input passed directly to exec() allows remote code execution via start_upgrade.php. The `/var/tdf/start_upgrade.php` endpoint p
nvd
CVE-2025-66255 | P2 | CRITICAL | CVSS 9.8 | CWE-345 | v30, v50, +9 more | 2025-11-26
Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. Missing signature validation allows uploading malicious firmware packages.
The firmware upgrade endpoint in `upgrade_contents.
nvd
CVE-2025-66256 | P2 | CRITICAL | CVSS 9.8 | CWE-434 | v30, v50, +9 more | 2025-11-26
Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. Unrestricted file upload in patch_contents.php allows uploading malicious files.
The `/var/tdf/patch_contents.php` endpoint all
nvd
CVE-2025-66250 | P2 | CRITICAL | CVSS 9.8 | CWE-434 | v30, v50, +9 more | 2025-11-26
Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. The issue allows unauthenticated arbitrary file upload via /var/tdf/status_contents.php.
nvd
CVE-2025-66257 | P2 | CRITICAL | CVSS 9.1 | CWE-73 | v30, v50, +9 more | 2025-11-26
Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. The deletepatch parameter allows unauthenticated deletion of arbitrary files.
The `deletepatch` parameter in `patch_contents.ph
nvd
CVE-2025-66262 | P2 | CRITICAL | CVSS 9.8 | CWE-22 | v30, v50, +9 more | 2025-11-26
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. Tar extraction with -C / allows arbitrary file overwrite via a crafted archive.
The `restore_mozzi_memories.sh` script extracts user
nvd
CVE-2025-66259 | P2 | CRITICAL | CVSS 9.8 | CWE-20 | v30, v50, +9 more | 2025-11-26
Authenticated Root Remote Code Execution via improper user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. In main_ok.php, user-supplied data/hour/time is passed directly into the date shell command.
nvd
CVE-2025-66254 | P2 | CRITICAL | CVSS 9.1 | CWE-73 | v30, v50, +9 more | 2025-11-26
Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. The deleteupgrade parameter allows unauthenticated deletion of arbitrary files.
The `deleteupgrade` parameter in `/var/www/u
nvd
CVE-2025-66251 | P2 | CRITICAL | CVSS 9.1 | CWE-22 | v30, v50, +9 more | 2025-11-26
Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. The deletehidden parameter allows path traversal deletion of arbitrary .tgz files.
nvd
CVE-2025-66263 | P3 | HIGH | CVSS 7.5 | CWE-158 | v30, v50, +9 more | 2025-11-26
Unauthenticated Arbitrary File Read via Null Byte Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. Null byte injection in download_setting.php allows reading arbitrary files.
The `/var/tdf/download_setting.php` endpoint constructs
nvd
CVE-2025-66260 | P3 | MEDIUM | CVSS 6.5 | CWE-89 | v30, v50, +9 more | 2025-11-26
PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. SQL injection is possible via the sw1 and sw2 parameters in status_sql.php.
The `status_sql.php` endpoint constructs SQL UPDATE queries by directly concatenating us
nvd
CVE-2025-66252 | P3 | HIGH | CVSS 7.5 | CWE-835 | v30, v50, +9 more | 2025-11-26
Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. An infinite loop when unlink() fails in status_contents.php causes DoS. Due to the fact that the unlink operation is done in a while loop
nvd
CVE-2025-66258 | P4 | MEDIUM | CVSS 5.4 | CWE-79 | v30, v50, +9 more | 2025-11-26
Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000. Stored XSS is possible via crafted filenames injected into patchlist.xml.
User-controlled filenames are directly concatenated into `patchlist.xml` without e
nvd