CVE-2025-66256
CRITICALDbbroadcast Mozart Next 100 Firmware - Unrestricted File Upload
Title source: ruleDescription
Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Unrestricted file upload in patch_contents.php allows uploading malicious files. The `/var/tdf/patch_contents.php` endpoint allows unauthenticated arbitrary file uploads without file type validation, MIME checking, or size restrictions beyond 16MB, enabling attackers to upload malicious files.
References (1)
Core 1
Core References
Exploit, Third Party Advisory exploit
technical-description
https://www.abdulmhsblog.com/posts/webfmvulns/
Scores
CVSS v3
9.8
EPSS
0.0015
EPSS Percentile
34.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (22)
dbbroadcast/mozart_dds_next_1000_firmware
dbbroadcast/mozart_dds_next_100_firmware
dbbroadcast/mozart_dds_next_2000_firmware
dbbroadcast/mozart_dds_next_3000_firmware
dbbroadcast/mozart_dds_next_300_firmware
dbbroadcast/mozart_dds_next_30_firmware
dbbroadcast/mozart_dds_next_3500_firmware
dbbroadcast/mozart_dds_next_500_firmware
dbbroadcast/mozart_dds_next_50_firmware
dbbroadcast/mozart_dds_next_6000_firmware
... and 12 more
Published
Nov 26, 2025
Tracked Since
Feb 18, 2026