Vulnerabilities in DB Electronica Telecomunicazioni S.p.A.
14 resultsCVE-2025-66253CRITICALUnauthenticated OS Command Injection (start_upgrade.php)EPSS 2.1%CVE-2025-66261CRITICALUnauthenticated OS Command Injection (restore_settings.php)EPSS 2.1%CVE-2025-66262CRITICALArbitrary File Overwrite via Tar Extraction Path TraversalEPSS 1.2%CVE-2025-66259CRITICALAuthenticated Root Remote Code Execution through improper filtering of HTTP post request parametersEPSS 0.6%CVE-2025-66251HIGHUnauthenticated Path Traversal with Arbitrary File DeletionEPSS 0.4%CVE-2025-66250CRITICALUnauthenticated Arbitrary File Upload (status_contents.php)EPSS 0.4%CVE-2025-66256CRITICALUnauthenticated Arbitrary File Upload (patch_contents.php)EPSS 0.4%CVE-2025-66263HIGHUnauthenticated Arbitrary File Read via Null Byte InjectionEPSS 0.3%CVE-2025-66257CRITICALUnauthenticated Arbitrary File Deletion (patch_contents.php)EPSS 0.3%CVE-2025-66254HIGHUnauthenticated Arbitrary File Deletion (upgrade_contents.php)EPSS 0.3%CVE-2025-66255CRITICALUnauthenticated Arbitrary File Upload (upgrade_contents.php)EPSS 0.3%CVE-2025-66252HIGHInfinite Loop Denial of Service via Failed File DeletionEPSS 0.3%CVE-2025-66260HIGHPostgreSQL SQL Injection (status_sql.php)EPSS 0.3%CVE-2025-66258HIGHStored Cross-Site Scripting via XML InjectionEPSS 0.2%