CVE-2025-66259

high-risk

Published 2025-11-26

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform in main_ok.php user supplied data/hour/time is passed directly into date shell command

Do I need to act?

0.57% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (20)

Mozart Next 100 Firmware

Mozart Next 1000 Firmware

Mozart Next 2000 Firmware

Mozart Next 30 Firmware

Mozart Next 300 Firmware

Mozart Next 3000 Firmware

Mozart Next 3500 Firmware

Mozart Next 50 Firmware

Mozart Next 500 Firmware

Mozart Next 6000 Firmware

Mozart Next 7000 Firmware

Mozart Dds Next 30 Firmware

Mozart Dds Next 50 Firmware

Mozart Dds Next 100 Firmware

Mozart Dds Next 300 Firmware

Mozart Dds Next 500 Firmware

Mozart Dds Next 1000 Firmware

Mozart Dds Next 2000 Firmware

Mozart Dds Next 3000 Firmware

Mozart Dds Next 3500 Firmware

Affected Vendors

Dbbroadcast

References (1)

Exploit https://www.abdulmhsblog.com/posts/webfmvulns/

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 2/34 · Minimal

Exposure 20/34 · Moderate