CVE-2025-67014

HIGH

Axing Dev7113 Firmware - Improper Access Control

Title source: rule

Description

Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers to access an administrative endpoint.

References (2)

Core 2

Core References

Product

https://dev-systemtechnik.com

Exploit, Third Party Advisory, Mitigation

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-67014%20_%20DEV%20Systemtechnik%20GmbH%20DEV%207113%20RF%20over%20_%20Broken%20Access%20Control

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0003

EPSS Percentile 10.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (1)

axing/dev7113_firmware 32-0078_h.01

Published Dec 26, 2025

Tracked Since Feb 18, 2026