Cybersecurity Vulnerabilities

Critical Unauthenticated Arbitrary File Upload Vulnerability in DB Electronica Mozart FM Transmitters (CVE-2025-66255)

November 26, 2025 - By 

Overview

CVE-2025-66255 details a critical security vulnerability affecting DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitters. Specifically, versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 are susceptible to an unauthenticated arbitrary file upload vulnerability. This flaw resides in the `upgrade_contents.php` endpoint and allows attackers to upload malicious firmware packages, potentially leading to remote code execution.

Technical Details

The vulnerability stems from a lack of proper validation within the `upgrade_contents.php` endpoint. The endpoint does not enforce crucial security checks, including:

  • Missing Signature Validation: Firmware packages are not verified for cryptographic signatures, allowing attackers to tamper with the firmware and bypass authenticity checks.
  • Unrestricted File Type Upload: The endpoint fails to enforce the expected `.tgz` format for firmware uploads, enabling the upload of arbitrary file types.
  • Missing File Header Validation: The system does not validate file headers.

This lack of validation enables an attacker to upload malicious firmware, which the system then executes. The `upgrade_contents.php` endpoint also facilitates further arbitrary file uploads, paving the way for remote code execution.

CVSS Analysis

Currently, a CVSS score for CVE-2025-66255 is not available (N/A). However, given the potential for unauthenticated arbitrary file upload and subsequent remote code execution, the severity is likely to be critical. A full CVSS analysis should be performed once more information becomes available.

Possible Impact

The exploitation of this vulnerability can have severe consequences:

  • Remote Code Execution: An attacker can execute arbitrary code on the affected FM transmitter, potentially gaining complete control of the device.
  • Device Compromise: Malicious firmware can compromise the functionality of the FM transmitter, leading to disruptions in broadcasting services.
  • Data Breach: An attacker might gain access to sensitive data stored on the device or within the network it’s connected to.
  • Denial of Service: The FM transmitter can be rendered unusable, causing a disruption in broadcasting services.

Mitigation and Patch Steps

The immediate recommended mitigation steps are:

  • Network Segmentation: Isolate the FM transmitter from other critical network segments to limit the potential impact of a successful attack.
  • Monitor Network Traffic: Closely monitor network traffic to and from the FM transmitter for any suspicious activity.

The primary solution is to apply a patch provided by DB Electronica. Contact DB Electronica support for the availability of a firmware update that addresses this vulnerability. Once available, immediately apply the update to all affected FM transmitters.

Specifically, the vendor needs to implement the following checks:

  • Implement Cryptographic Signature Validation: Verify the authenticity and integrity of firmware packages using cryptographic signatures.
  • Enforce File Type Restrictions: Strictly enforce the `.tgz` format requirement for firmware uploads.
  • Implement File Header Validation: validate file headers against expected values.

References

Abdulmhsblog.com: Web FM Vulns – Details on the Vulnerability

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.

Related Posts

CVE-2025-61932 Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

CVE-2025-61932: Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

October 23, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *