CVE-2025-63227

None

Description

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unrestricted file upload vulnerability in the /patch.php endpoint. An attacker with administrative credentials can upload arbitrary files (e.g., PHP webshells), which are stored in the /patch/ directory. This allows the attacker to execute arbitrary commands on the server, potentially leading to full system compromise.

INFO

Published Date :

2025-11-18T00:00:00.000Z

Last Modified :

2025-11-19T15:46:24.479Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2025-63227 vulnerability.

Vendors	Products
Dbbroadcast	Mozart Dds Next 100 Mozart Dds Next 1000 Mozart Dds Next 1000 Firmware Mozart Dds Next 100 Firmware Mozart Dds Next 2000 Mozart Dds Next 2000 Firmware Mozart Dds Next 30 Mozart Dds Next 300 Mozart Dds Next 3000 Mozart Dds Next 3000 Firmware Mozart Dds Next 300 Firmware Mozart Dds Next 30 Firmware Mozart Dds Next 3500 Mozart Dds Next 3500 Firmware Mozart Dds Next 50 Mozart Dds Next 500 Mozart Dds Next 500 Firmware Mozart Dds Next 50 Firmware Mozart Dds Next 6000 Mozart Dds Next 6000 Firmware Mozart Dds Next 7000 Mozart Dds Next 7000 Firmware Mozart Fm Transmitter Mozart Next 100 Mozart Next 1000 Mozart Next 1000 Firmware Mozart Next 100 Firmware Mozart Next 2000 Mozart Next 2000 Firmware Mozart Next 30 Mozart Next 300 Mozart Next 3000 Mozart Next 3000 Firmware Mozart Next 300 Firmware Mozart Next 30 Firmware Mozart Next 3500 Mozart Next 3500 Firmware Mozart Next 50 Mozart Next 500 Mozart Next 500 Firmware Mozart Next 50 Firmware Mozart Next 6000 Mozart Next 6000 Firmware Mozart Next 7000 Mozart Next 7000 Firmware

Vendors

Products

Dbbroadcast

Mozart Dds Next 100
Mozart Dds Next 1000
Mozart Dds Next 1000 Firmware
Mozart Dds Next 100 Firmware
Mozart Dds Next 2000
Mozart Dds Next 2000 Firmware
Mozart Dds Next 30
Mozart Dds Next 300
Mozart Dds Next 3000
Mozart Dds Next 3000 Firmware
Mozart Dds Next 300 Firmware
Mozart Dds Next 30 Firmware
Mozart Dds Next 3500
Mozart Dds Next 3500 Firmware
Mozart Dds Next 50
Mozart Dds Next 500
Mozart Dds Next 500 Firmware
Mozart Dds Next 50 Firmware
Mozart Dds Next 6000
Mozart Dds Next 6000 Firmware
Mozart Dds Next 7000
Mozart Dds Next 7000 Firmware
Mozart Fm Transmitter
Mozart Next 100
Mozart Next 1000
Mozart Next 1000 Firmware
Mozart Next 100 Firmware
Mozart Next 2000
Mozart Next 2000 Firmware
Mozart Next 30
Mozart Next 300
Mozart Next 3000
Mozart Next 3000 Firmware
Mozart Next 300 Firmware
Mozart Next 30 Firmware
Mozart Next 3500
Mozart Next 3500 Firmware
Mozart Next 50
Mozart Next 500
Mozart Next 500 Firmware
Mozart Next 50 Firmware
Mozart Next 6000
Mozart Next 6000 Firmware
Mozart Next 7000
Mozart Next 7000 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-63227.

URL	Resource
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63227_Mozart_FM_Transmitter_authenticated_File_Upload
https://www.dbbroadcast.com/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact