CVE-2025-66252

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink fails in statuscontents.php causing DoS. Due to the...

CVE-2025-66251

Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deletehidden parameter allows path traversal deletion of arbitrary .tgz...

EUVD-2025-199673

PostgreSQL SQL Injection statussql.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in statussql.php. The statussql.php endpoint constructs...

CVE-2025-66256

The CVE concerns a vulnerability in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter series (versions 30–7000) where the /var/tdf/patch_contents.php endpoint allows unauthenticated, unrestricted file uploads. There is no file type validation, MIME checking, or size restriction beyond...

CVE-2025-66251 Unauthenticated Path Traversal with Arbitrary File Deletion

Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deletehidden parameter allows path traversal deletion of arbitrary .tgz...

CVE-2025-66250

CVE-2025-66250 affects DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter firmware (models 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000). The vulnerability is an unauthenticated arbitrary file upload via the /var/tdf/status_contents.php endpoint in the status_contents.php ...

PT-2025-48103

Name of the Vulnerable Software and Affected Versions DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 Description An unauthenticated path traversal issue exists that allows for arbitrary file deletion. The deletehidd...

CVE-2025-63209

The ELCA Star Transmitter Remote Control firmware 1.25 for STAR150, BP1000, STAR300, STAR2000, STAR1000, STAR500, and possibly other models, contains an information disclosure vulnerability allowing unauthenticated attackers to retrieve admin credentials and system settings via an unprotected...

Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure

Electrolink FM/DAB/TV Transmitter login.htm/mail.htm Credentials Disclosure Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...