Dbbroadcast Mozart Next 100 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Dbbroadcast Mozart Next 100 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2025-66261 — CVSS 9.8 (critical): Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66259 — CVSS 9.8 (critical): Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter…
CVE-2025-66262 — CVSS 9.8 (critical): Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66250 — CVSS 9.8 (critical): Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66253 — CVSS 9.8 (critical): Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50…
CVE-2025-66255 — CVSS 9.8 (critical): Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66256 — CVSS 9.8 (critical): Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-63228 — CVSS 9.8 (critical): The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unauthenticated file upload vulnerability in the…
CVE-2025-66251 — CVSS 9.1 (critical): Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66254 — CVSS 9.1 (critical): Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions…
CVE-2025-66257 — CVSS 9.1 (critical): Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66263 — CVSS 7.5 (high): Unauthenticated Arbitrary File Read via Null Byte Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30…
CVE-2025-66252 — CVSS 7.5 (high): Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50…
CVE-2025-63227 — CVSS 7.2 (high): The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unrestricted file upload vulnerability in the…
CVE-2025-66260 — CVSS 6.5 (medium): PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500…
CVE-2025-66258 — CVSS 5.4 (medium): Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300…
CVE-2025-63229 — CVSS 5.4 (medium): The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability…