1. Home
  2. CVE Database
  3. CVE-2025-63207
CRITICAL · 9.8

CVE-2025-63207

The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper authentication checks on the /_Passwd.html endpoint. An attacker ca...

Vulnerability Description

The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper authentication checks on the /_Passwd.html endpoint. An attacker can send an unauthenticated POST request to change the Admin, Operator, and User passwords, resulting in complete system compromise.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
RvrTex30Lcd\/S Firmwaretexl-000400
RvrTex30Lcd\/S-
RvrTex50Lcd\/S Firmwaretexl-000400
RvrTex50Lcd\/S-
RvrTex100Lcd\/S Firmwaretexl-000400
RvrTex100Lcd\/S-
RvrTex150Lcd\/S Firmwaretexl-000400
RvrTex150Lcd\/S-
RvrTex300Lcd Firmwaretexl-000400
RvrTex300Lcd-
RvrTex502Lcd Firmwaretexl-000400
RvrTex502Lcd-
RvrTex702Lcd Firmwaretexl-000400
RvrTex702Lcd-
RvrTex3500Lcd Firmwaretexl-000400
RvrTex3500Lcd-
RvrTex1002Lcd Firmwaretexl-000400
RvrTex1002Lcd-
RvrTex2000Light Firmwaretexl-000400
RvrTex2000Light-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2025-63207?

CVE-2025-63207 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to broken access control due to improper authentication checks on the /_Passwd.html endpoint. An attacker ca...

How severe is CVE-2025-63207?

CVE-2025-63207 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-63207?

Check the references section above for vendor advisories and patch information. Affected products include: Rvr Tex30Lcd\/S Firmware, Rvr Tex30Lcd\/S, Rvr Tex50Lcd\/S Firmware, Rvr Tex50Lcd\/S, Rvr Tex100Lcd\/S Firmware.