CVE-2025-0674
Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel
Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionality. Attackers can exploit this issue by
manipulating the endpoint to overwrite any user's password within the
system. This grants them unauthorized administrative access to protected
areas of the application, compromising the device's system security.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Elber · Cleber/3 Broadcast Multi-Purpose PlatformElber · ESE DVB-S/S2 Satellite ReceiverElber · Reble610 M/ODU XPIC IP-ASI-SDHElber · Signum DVB-S/S2 IRDElber · Wayber Analog/Digital Audio STL¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →