CVE-2025-66252

Q: What is the severity of CVE-2025-66252?

CVE-2025-66252 has a CVSS score of 7.5 (HIGH). This vulnerability allows attackers to cause a denial of service (DoS) by triggering an infinite loop in Mozart FM Transmitter software when file deletion fails. An attacker can exploit this by targeting immutable files or files without proper permissions, causing the system to become unresponsive. All users of affected DB Electronica Telecomunicazioni Mozart FM Transmitter versions are impacted.

7.5 HIGH

Denial of Service

📋 TL;DR

This vulnerability allows attackers to cause a denial of service (DoS) by triggering an infinite loop in Mozart FM Transmitter software when file deletion fails. An attacker can exploit this by targeting immutable files or files without proper permissions, causing the system to become unresponsive. All users of affected DB Electronica Telecomunicazioni Mozart FM Transmitter versions are impacted.

💻 Affected Systems

Products:

DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter

Versions: 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000

Operating Systems: Unknown - likely embedded Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in status_contents.php file when unlink() operation fails in a while loop.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability requiring manual intervention or reboot, potentially disrupting FM broadcasting operations.

🟠

Likely Case

Service degradation or temporary unavailability of the FM transmitter web interface and control functions.

🟢

If Mitigated

Minimal impact with proper access controls and monitoring in place to detect and respond to DoS attempts.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access to the vulnerable endpoint but no authentication. Simple HTTP request can trigger the infinite loop.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: Yes

Instructions:

1. Contact DB Electronica Telecomunicazioni for patch information. 2. Apply any available vendor patches. 3. Restart affected services after patching.

🔧 Temporary Workarounds

Restrict File System Access

linux

Limit write/delete permissions to prevent unlink() failures on critical files.

chmod 444 /path/to/immutable/files
chattr +i /path/to/critical/files

Network Access Control

linux

Restrict access to the vulnerable endpoint using firewall rules.

iptables -A INPUT -p tcp --dport [PORT] -s [TRUSTED_IP] -j ACCEPT
iptables -A INPUT -p tcp --dport [PORT] -j DROP

🧯 If You Can't Patch

Implement strict network segmentation to isolate FM transmitter systems from untrusted networks.
Deploy rate limiting and DoS protection mechanisms at network perimeter.

🔍 How to Verify

Check if Vulnerable:

Check if status_contents.php exists and contains while loop with unlink() without proper error handling.

Check Version:

Check device web interface or contact vendor for version information.

Verify Fix Applied:

Verify that while loop in status_contents.php has proper error handling or has been removed.

📡 Detection & Monitoring

Log Indicators:

Repeated unlink() failure messages
High CPU usage on transmitter system
Web server process hanging

Network Indicators:

Multiple requests to status_contents.php endpoint
Unusual traffic patterns to transmitter management interface

SIEM Query:

source="transmitter_logs" AND (message="*unlink*" OR message="*status_contents*") | stats count by src_ip

📊 Metadata

CVE ID: CVE-2025-66252

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-835

EPSS Score: 0.1% exploit probability (27.3th percentile)

Published: November 26, 2025

Last Updated: December 3, 2025

🔗 References

https://www.abdulmhsblog.com/posts/webfmvulns/ Exploit,Third Party Advisory
https://www.abdulmhsblog.com/posts/webfmvulns/ Exploit,Third Party Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Mozart Dds Next 100 Firmware by Dbbroadcast

Mozart Dds Next 1000 Firmware by Dbbroadcast

Mozart Dds Next 2000 Firmware by Dbbroadcast

Mozart Dds Next 30 Firmware by Dbbroadcast

Mozart Dds Next 300 Firmware by Dbbroadcast

Mozart Dds Next 3000 Firmware by Dbbroadcast

Mozart Dds Next 3500 Firmware by Dbbroadcast

Mozart Dds Next 50 Firmware by Dbbroadcast

Mozart Dds Next 500 Firmware by Dbbroadcast

Mozart Dds Next 6000 Firmware by Dbbroadcast

Mozart Dds Next 7000 Firmware by Dbbroadcast

Mozart Next 100 Firmware by Dbbroadcast

Mozart Next 1000 Firmware by Dbbroadcast

Mozart Next 2000 Firmware by Dbbroadcast

Mozart Next 30 Firmware by Dbbroadcast

Mozart Next 300 Firmware by Dbbroadcast

Mozart Next 3000 Firmware by Dbbroadcast

Mozart Next 3500 Firmware by Dbbroadcast

Mozart Next 50 Firmware by Dbbroadcast

Mozart Next 500 Firmware by Dbbroadcast

Mozart Next 6000 Firmware by Dbbroadcast

Mozart Next 7000 Firmware by Dbbroadcast