📦 Mozart Dds Next 1000 Firmware

This vulnerability allows authenticated attackers to execute arbitrary commands with root privileges on DB Electronica Telecomunicazioni Mozart FM Transmitters. Attackers can inject malicious input in...

This vulnerability allows unauthenticated attackers to delete arbitrary files in the /var/www/patch/ directory of Mozart FM Transmitter devices. Attackers can exploit the deletepatch parameter in patc...

This CVE describes an unauthenticated OS command injection vulnerability in DB Electronica Telecomunicazioni Mozart FM Transmitters. Attackers can execute arbitrary shell commands on affected devices ...

This vulnerability allows attackers to overwrite arbitrary system files via path traversal in tar archive extraction. Attackers can craft malicious .tgz archives that, when processed by the vulnerable...

This vulnerability allows unauthenticated attackers to delete arbitrary .tgz files via path traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitters. Attackers can exploit the delet...

This vulnerability allows unauthenticated attackers to execute arbitrary operating system commands on DB Electronica Telecomunicazioni Mozart FM Transmitters by exploiting improper input sanitization ...

This vulnerability allows unauthenticated attackers to delete arbitrary files from the /var/www/upload/ directory on affected Mozart FM Transmitters. Attackers can exploit the deleteupgrade parameter ...

This vulnerability allows unauthenticated attackers to upload malicious firmware files to Mozart FM Transmitter devices, potentially leading to remote code execution. It affects all listed models (30,...

This vulnerability allows unauthenticated attackers to upload arbitrary files to Mozart FM Transmitter devices via the patch_contents.php endpoint. Attackers can upload malicious files including websh...

This vulnerability allows unauthenticated attackers to upload arbitrary files to DB Electronica Telecomunicazioni's Mozart FM Transmitter devices via the status_contents.php endpoint. Attackers can po...

The Mozart FM Transmitter web management interface contains an unauthenticated file upload vulnerability that allows attackers to upload malicious files like PHP webshells without authentication. This...

This vulnerability allows unauthenticated attackers to read arbitrary files on DB Electronica Telecomunicazioni Mozart FM Transmitters by exploiting null byte injection in PHP 5.3.2. Attackers can byp...

This vulnerability allows attackers to cause a denial of service (DoS) by triggering an infinite loop in Mozart FM Transmitter software when file deletion fails. An attacker can exploit this by target...

This vulnerability allows authenticated attackers with administrative credentials to upload arbitrary files to the Mozart FM Transmitter web management interface. The uploaded files can be executed on...

This vulnerability allows attackers to inject malicious JavaScript into the Mozart FM Transmitter's patchlist.xml file through crafted filenames. When the system processes this XML file, the JavaScrip...

This SQL injection vulnerability in DB Electronica Telecomunicazioni's Mozart FM Transmitter allows attackers to execute arbitrary SQL queries via the status_sql.php endpoint. Attackers can exfiltrate...

This reflected XSS vulnerability in the Mozart FM Transmitter web interface allows attackers to inject malicious JavaScript via the ?m= parameter in /main0.php. When victims visit a crafted URL, attac...