Vulnerability Description
A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. It affects unknown functionality of the file /setupA.cfg in the component Web-based Management Interface. Manipulation results in missing authentication. The attack may be initiated remotely. Attack complexity is high, and exploitation is known to be difficult. The exploit has been made public and could be used. There are still doubts about whether this vulnerability truly exists. The vendor explains that "[d]evices described at CVE are not intended to be exposed into internet and proper security of devices is to end-users."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cometsystem | T7611 Firmware | 1-5-7-5.1252 |
| Cometsystem | T7611 | - |
| Cometsystem | T4511 Firmware | 1-5-7-5.1252 |
| Cometsystem | T4511 | - |
| Cometsystem | T0510 Firmware | 1-5-7-5.1252 |
| Cometsystem | T0510 | - |
| Cometsystem | T6640 Firmware | 1-5-7-5.1252 |
| Cometsystem | T6640 | - |
| Cometsystem | T3510 Firmware | 1-5-7-5.1252 |
| Cometsystem | T3510 | - |
| Cometsystem | T7511 Firmware | 1-5-7-5.1251 |
| Cometsystem | T7511 | - |
| Cometsystem | T3511 Firmware | 1-5-7-2.1151 |
| Cometsystem | T3511 | - |
| Cometsystem | P8510 Firmware | 4-5-8-0.3488 |
| Cometsystem | P8510 | - |
| Cometsystem | P8552 Firmware | 4-5-8-1.3502 |
| Cometsystem | P8552 | - |
| Cometsystem | H3531 Firmware | 9-5-0-1.1327 |
| Cometsystem | H3531 | - |
Related Weaknesses (CWE)
References
- https://github.com/zeke2997/CVE_request_comet_system (Exploit, Third Party Advisory)
- https://github.com/zeke2997/CVE_request_comet_system#poc (Exploit, Third Party Advisory)
- https://vuldb.com/?ctiid.314074 (Permissions Required, VDB Entry)
- https://vuldb.com/?id.314074 (Third Party Advisory, VDB Entry)
- https://vuldb.com/?submit.599848 (Third Party Advisory, VDB Entry)
FAQ
What is CVE-2025-6763?
CVE-2025-6763 is a vulnerability with a CVSS score of 8.1 (HIGH). A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of ...
How severe is CVE-2025-6763?
CVE-2025-6763 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-6763?
Check the references section above for vendor advisories and patch information. Affected products include: Cometsystem T7611 Firmware, Cometsystem T7611, Cometsystem T4511 Firmware, Cometsystem T4511, Cometsystem T0510 Firmware.