CVE-2025-63228

None

Description

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains an unauthenticated file upload vulnerability in the /upload_file.php endpoint. An attacker can exploit this by sending a crafted POST request with a malicious file (e.g., a PHP webshell) to the server. The uploaded file is stored in the /upload/ directory, enabling remote code execution and full system compromise.

INFO

Published Date :

2025-11-18T00:00:00.000Z

Last Modified :

2025-11-19T15:45:32.208Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2025-63228 vulnerability.

Vendors	Products
Dbbroadcast	Mozart Dds Next 100 Mozart Dds Next 1000 Mozart Dds Next 1000 Firmware Mozart Dds Next 100 Firmware Mozart Dds Next 2000 Mozart Dds Next 2000 Firmware Mozart Dds Next 30 Mozart Dds Next 300 Mozart Dds Next 3000 Mozart Dds Next 3000 Firmware Mozart Dds Next 300 Firmware Mozart Dds Next 30 Firmware Mozart Dds Next 3500 Mozart Dds Next 3500 Firmware Mozart Dds Next 50 Mozart Dds Next 500 Mozart Dds Next 500 Firmware Mozart Dds Next 50 Firmware Mozart Dds Next 6000 Mozart Dds Next 6000 Firmware Mozart Dds Next 7000 Mozart Dds Next 7000 Firmware Mozart Fm Transmitter Mozart Next 100 Mozart Next 1000 Mozart Next 1000 Firmware Mozart Next 100 Firmware Mozart Next 2000 Mozart Next 2000 Firmware Mozart Next 30 Mozart Next 300 Mozart Next 3000 Mozart Next 3000 Firmware Mozart Next 300 Firmware Mozart Next 30 Firmware Mozart Next 3500 Mozart Next 3500 Firmware Mozart Next 50 Mozart Next 500 Mozart Next 500 Firmware Mozart Next 50 Firmware Mozart Next 6000 Mozart Next 6000 Firmware Mozart Next 7000 Mozart Next 7000 Firmware

Vendors

Products

Dbbroadcast

Mozart Dds Next 100
Mozart Dds Next 1000
Mozart Dds Next 1000 Firmware
Mozart Dds Next 100 Firmware
Mozart Dds Next 2000
Mozart Dds Next 2000 Firmware
Mozart Dds Next 30
Mozart Dds Next 300
Mozart Dds Next 3000
Mozart Dds Next 3000 Firmware
Mozart Dds Next 300 Firmware
Mozart Dds Next 30 Firmware
Mozart Dds Next 3500
Mozart Dds Next 3500 Firmware
Mozart Dds Next 50
Mozart Dds Next 500
Mozart Dds Next 500 Firmware
Mozart Dds Next 50 Firmware
Mozart Dds Next 6000
Mozart Dds Next 6000 Firmware
Mozart Dds Next 7000
Mozart Dds Next 7000 Firmware
Mozart Fm Transmitter
Mozart Next 100
Mozart Next 1000
Mozart Next 1000 Firmware
Mozart Next 100 Firmware
Mozart Next 2000
Mozart Next 2000 Firmware
Mozart Next 30
Mozart Next 300
Mozart Next 3000
Mozart Next 3000 Firmware
Mozart Next 300 Firmware
Mozart Next 30 Firmware
Mozart Next 3500
Mozart Next 3500 Firmware
Mozart Next 50
Mozart Next 500
Mozart Next 500 Firmware
Mozart Next 50 Firmware
Mozart Next 6000
Mozart Next 6000 Firmware
Mozart Next 7000
Mozart Next 7000 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-63228.

URL	Resource
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63228_Mozart_FM_Transmitter_Unauthenticated_File_Upload
https://www.dbbroadcast.com/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact