1. Home
  2. CVE Database
  3. CVE-2025-66261
CRITICAL · 9.8

CVE-2025-66261

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows a...

Vulnerability Description

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform URL-decoded name parameter passed to exec() allows remote code execution. The `/var/tdf/restore_settings.php` endpoint passes user-controlled `$_GET["name"]` parameter through `urldecode()` directly into `exec()` without validation or escaping. Attackers can inject arbitrary shell commands using metacharacters (`;`, `|`, `&&`, etc.) to achieve unauthenticated remote code execution as the web server user.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
DbbroadcastMozart Next 100 Firmware-
DbbroadcastMozart Next 100-
DbbroadcastMozart Next 1000 Firmware-
DbbroadcastMozart Next 1000-
DbbroadcastMozart Next 2000 Firmware-
DbbroadcastMozart Next 2000-
DbbroadcastMozart Next 30 Firmware-
DbbroadcastMozart Next 30-
DbbroadcastMozart Next 300 Firmware-
DbbroadcastMozart Next 300-
DbbroadcastMozart Next 3000 Firmware-
DbbroadcastMozart Next 3000-
DbbroadcastMozart Next 3500 Firmware-
DbbroadcastMozart Next 3500-
DbbroadcastMozart Next 50 Firmware-
DbbroadcastMozart Next 50-
DbbroadcastMozart Next 500 Firmware-
DbbroadcastMozart Next 500-
DbbroadcastMozart Next 6000 Firmware-
DbbroadcastMozart Next 6000-

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2025-66261?

CVE-2025-66261 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows a...

How severe is CVE-2025-66261?

CVE-2025-66261 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-66261?

Check the references section above for vendor advisories and patch information. Affected products include: Dbbroadcast Mozart Next 100 Firmware, Dbbroadcast Mozart Next 100, Dbbroadcast Mozart Next 1000 Firmware, Dbbroadcast Mozart Next 1000, Dbbroadcast Mozart Next 2000 Firmware.