Description

An issue was discovered in Dataphone A920 v2025.07.161103. A custom packet based on public documentation can be crafted, where some fields can contain arbitrary or trivial data. Normally, such data should cause the device to reject the packet. However, due to a lack of validation, the device accepts it with no authetication and triggers the functionality instead.

INFO

Published Date :

2025-10-28T00:00:00.000Z

Last Modified :

2025-10-29T13:57:25.919Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-61235 vulnerability.

Vendors Products
Paytef
  • Dataphone A920
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-61235.

URL Resource
https://github.com/stuxve/poc-dataphone-crafted-packet cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact