Vulners
Lucene search
CVE-2025-0674
🗓️ 06 Feb 2025 23:42:33Reported by icscertType 
cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 88 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | The vulnerability of Elber Communications Equipment’s software products lies in their ability to bypass the authentication process by using an alternative path or channel. This allows attackers to circumvent the authentication procedures. | 14 May 202500:00 | – | bdu_fstec |
 | CVE-2025-0674 | 4 Feb 202511:00 | – | circl |
 | Elber Communications Equipment 安全漏洞 | 7 Feb 202500:00 | – | cnnvd |
 | CVE-2025-0674 Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel | 6 Feb 202523:42 | – | cvelist |
 | Elber ESE DVB-S/S2 - Authentication Bypass | 8 Jun 202604:09 | – | nuclei |
 | CVE-2025-0674 | 7 Feb 202500:15 | – | nvd |
 | PT-2025-5690 · Elber · Elber | 4 Feb 202500:00 | – | ptsecurity |
 | CVE-2025-0674 | 9 Feb 202500:24 | – | redhatcve |
 | VulnCheck KEV: CVE-2025-0674 | 18 Jul 202500:00 | – | vulncheck_kev |
 | CVE-2025-0674 Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel | 6 Feb 202523:42 | – | vulnrichment |
10
Node
[
{
"defaultStatus": "unaffected",
"product": "Signum DVB-S/S2 IRD",
"vendor": "Elber",
"versions": [
{
"lessThanOrEqual": "1.999",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cleber/3 Broadcast Multi-Purpose Platform",
"vendor": "Elber",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Reble610 M/ODU XPIC IP-ASI-SDH",
"vendor": "Elber",
"versions": [
{
"status": "affected",
"version": "0.01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ESE DVB-S/S2 Satellite Receiver",
"vendor": "Elber",
"versions": [
{
"lessThanOrEqual": "1.5.179",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Wayber Analog/Digital Audio STL",
"vendor": "Elber",
"versions": [
{
"status": "affected",
"version": "4"
}
]
}
]| Source | Link |
|---|---|
| cisa | www.cisa.gov/news-events/ics-advisories/icsa-25-035-03 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| lev | query param | json_data/set_pwd | Authentication bypass by manipulating the set_pwd endpoint to overwrite a user's password and gain administrative access. | CWE-288 |
| pass | query param | json_data/set_pwd | Authentication bypass by manipulating the set_pwd endpoint to overwrite a user's password and gain administrative access. | CWE-288 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
15 Apr 2026 00:35Current
9.8High risk
Vulners AI Score9.8
CVSS 49.3
CVSS 3.19.8
EPSS0.15386
SSVC