CVE-2025-66723
📋 TL;DR
CVE-2025-66723 is an insecure permissions vulnerability in inMusic Brands Engine DJ. The Remote Library feature exposes an HTTP service on the network, and in versions before 4.3.4 that service does not restrict which paths it serves: an attacker who can reach it can read all files and network paths accessible to the Engine DJ process. Users running Engine DJ versions before 4.3.4 are affected, with sensitive data and system resources potentially exposed.
💻 Affected Systems
- inMusic Brands Engine DJ
📦 What is this software?
Engine DJ Desktop by inMusic Brands
⚠️ Risk & Real-World Impact
Worst Case
Unauthenticated read access to every file the Engine DJ process can reach, including credentials and tokens stored on disk; reuse of those credentials for lateral movement to other network systems and, ultimately, ransomware deployment.
Likely Case
Unauthorized access to music libraries, configuration files, and local system files, potentially leading to data theft or manipulation of DJ sets.
If Mitigated
Exposure limited to non-sensitive application files, provided network segmentation and access controls keep untrusted hosts from reaching the service.
🎯 Exploit Status
Exploitation requires only ordinary HTTP requests to the exposed service and no authentication. A public GitHub repository contains proof-of-concept code.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.3.4
Vendor Advisory: https://www.inmusicbrands.com/
Restart Required: Yes
Instructions:
1. Download Engine DJ 4.3.4 or later from the official inMusic Brands website.
2. Run the installer.
3. Restart the application.
4. Verify the version in Help > About.
🔧 Temporary Workarounds
Disable Remote Library Service
Platform: all. Turn off the Remote Library feature (the vulnerable HTTP service) in Engine DJ settings.
Firewall Block
Platform: Windows. Block inbound connections to Engine DJ's HTTP service port:
Windows: netsh advfirewall firewall add rule name="Block Engine DJ" dir=in action=block protocol=TCP localport=[PORT]
Note that blocking the port also stops legitimate Remote Library clients; where the feature is not needed, disabling it is the cleaner option.
🧯 If You Can't Patch
- Network segmentation: Isolate Engine DJ systems from sensitive networks
- Implement strict access controls and monitor for unusual file access patterns
🔍 How to Verify
Check if Vulnerable:
Engine DJ is vulnerable if its version is below 4.3.4 and the Remote Library feature is enabled, so that its HTTP service is listening. Confirm the service is reachable by sending an HTTP request to it from another host on the network.
Check Version:
In Engine DJ: Help > About menu shows version
Verify Fix Applied:
Verify version is 4.3.4 or higher in Help > About menu. Test that file access via HTTP service is now properly restricted.
📡 Detection & Monitoring
Log Indicators:
- Unusual HTTP requests to Engine DJ service
- File access patterns from unauthorized IP addresses
Network Indicators:
- HTTP traffic to Engine DJ service port from unexpected sources
- Directory traversal patterns (../ or its percent-encoded forms such as %2e%2e) in HTTP request paths
SIEM Query (the source name is a placeholder; adjust it to wherever you collect the service's HTTP access logs):
source="engine_dj.log" AND ((http_request="*../*" OR http_request="*%2e%2e*") OR (http_status="200" AND user_agent!="EngineDJ*"))
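The query above is easy to run in a SIEM but hard to reason about offline. The script below is an added example, not part of this advisory or of Engine DJ, that applies the same two indicators (traversal patterns in the request path, and successful responses to clients that are not Engine DJ) to a handful of constructed access-log lines. Engine DJ does not document an HTTP log in this shape, so the common-log-format layout, the EngineDJ user-agent prefix, the 192.168.1.0/24 "trusted" network and every address and path in the sample are assumptions made for illustration. It also percent-decodes paths repeatedly so that %2e%2e and double-encoded %252e%252e are caught, which the plain wildcard query does not do.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (common log format with referer and user agent).
# The format, addresses, paths and user agents are assumptions for this example.
SAMPLE_LOG = """\
192.168.1.20 - - [10/Jan/2026:20:01:02 +0000] "GET /library/index.json HTTP/1.1" 200 5120 "-" "EngineDJ/4.3.2"
192.168.1.99 - - [10/Jan/2026:20:01:09 +0000] "GET /library/../../../etc/passwd HTTP/1.1" 200 2341 "-" "curl/8.4.0"
192.168.1.99 - - [10/Jan/2026:20:01:15 +0000] "GET /library/%2e%2e/%2e%2e/Windows/win.ini HTTP/1.1" 200 403 "-" "python-requests/2.31"
192.168.1.99 - - [10/Jan/2026:20:01:21 +0000] "GET /library/%252e%252e/secret.txt HTTP/1.1" 200 12 "-" "curl/8.4.0"
192.168.1.20 - - [10/Jan/2026:20:02:00 +0000] "GET /library/track/42 HTTP/1.1" 200 88 "-" "EngineDJ/4.3.2"
10.0.0.5 - - [10/Jan/2026:20:02:30 +0000] "GET /library/index.json HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.168.1.20 - - [10/Jan/2026:20:03:00 +0000] "GET /missing HTTP/1.1" 404 0 "-" "Mozilla/5.0"
"""

# One common-log-format line: ip ident user [timestamp] "method path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)


def normalize_path(path):
    """Percent-decode until stable (bounded), then unify separators.

    Repeated decoding turns %2e%2e and %252e%252e into "..", so encoded
    traversal attempts are judged on the same footing as plain "../".
    """
    prev, cur = None, path
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.replace("\\", "/")


def is_traversal(path):
    """True when any path segment is exactly ".." after normalization."""
    return any(seg == ".." for seg in normalize_path(path).split("/"))


def analyze(log_text, trusted_ua_prefix="EngineDJ", trusted_nets=("192.168.1.",)):
    """Return one alert dict per suspicious line, with the reasons it was flagged."""
    alerts = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, path, status, ua = m["ip"], m["path"], m["status"], m["ua"]
        reasons = []
        if is_traversal(path):
            reasons.append("directory traversal pattern")
        if status == "200" and not ua.startswith(trusted_ua_prefix):
            reasons.append("successful request from non-Engine DJ client")
        if not ip.startswith(trusted_nets):
            reasons.append("source outside expected network")
        if reasons:
            alerts.append({"ip": ip, "path": path, "status": status, "ua": ua, "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for a in analyze(SAMPLE_LOG):
        print(f'{a["ip"]} {a["status"]} {a["path"]} [{a["ua"]}] -> {", ".join(a["reasons"])}')
```

Against the sample, the three traversal lines and the request from 10.0.0.5 are flagged; the two legitimate EngineDJ requests and the 404 from a browser are not, mirroring the query's restriction to status 200. The segment-wise check (`seg == ".."`) avoids false positives on file names that merely contain two dots.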