3 matches found
CVE-2025-28237
CVE-2025-28237 affects WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1. A crafted JSON payload allows authenticated attackers to escalate privileges (per CVSSv3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H; base score 8.8). Connected sources indicate PoC exists; exploitation status is not unifor...
Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation Vulnerability
Electrolink FM/DAB/TV Transmitter suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to effectively become Administrator or poisoning to ZSL to become Super Administrator. Electrolink FM/DAB/TV Transmitter Vertica...
Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vulnerability
Electrolink FM/DAB/TV Transmitter allows access to an unprotected endpoint that allows an MPFS File System binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial Flash, or intern...