Vulnerability Description
The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Etlsystems | D0116S1Ula-22454 Firmware | 1.8 |
| Etlsystems | D0116S1Ula-22454 | - |
| Etlsystems | D0116S1Uia-22474 Firmware | 1.8 |
| Etlsystems | D0116S1Uia-22474 | - |
| Etlsystems | C0401S1Ula-22418 Firmware | 1.8 |
| Etlsystems | C0401S1Ula-22418 | - |
| Etlsystems | C0801S1Ula-22420 Firmware | 1.8 |
| Etlsystems | C0801S1Ula-22420 | - |
| Etlsystems | C1601S1Ula-22422 Firmware | 1.8 |
| Etlsystems | C1601S1Ula-22422 | - |
| Etlsystems | C0401S1Ula-22455 Firmware | 1.8 |
| Etlsystems | C0401S1Ula-22455 | - |
| Etlsystems | C0801S1Ula-22457 Firmware | 1.8 |
| Etlsystems | C0801S1Ula-22457 | - |
| Etlsystems | C1601S1Ula-22459 Firmware | 1.8 |
| Etlsystems | C1601S1Ula-22459 | - |
| Etlsystems | C1601S1Uia-22479 Firmware | 1.8 |
| Etlsystems | C1601S1Uia-22479 | - |
| Etlsystems | D0104D1Ula-22411 Firmware | 1.8 |
| Etlsystems | D0104D1Ula-22411 | - |
Related Weaknesses (CWE)
References
- https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-6701ExploitThird Party Advisory
- https://www.etlsystems.com/Product
FAQ
What is CVE-2025-67013?
CVE-2025-67013 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin...
How severe is CVE-2025-67013?
CVE-2025-67013 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-67013?
Check the references section above for vendor advisories and patch information. Affected products include: Etlsystems D0116S1Ula-22454 Firmware, Etlsystems D0116S1Ula-22454, Etlsystems D0116S1Uia-22474 Firmware, Etlsystems D0116S1Uia-22474, Etlsystems C0401S1Ula-22418 Firmware.