CVE-2025-63219

High CVSS: 7.5

The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home.html endpoint. An attacker can access an active session without authentication, allowing them to control the device, modify configurations, and compromise system integrity.

Vendor

Itel

Product

Iso-fm Firmware

CWE

CWE-284

Yayın Tarihi

2025-11-19 15:15:50

Güncelleme

2026-01-12 16:04:30

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 Iso-fm Firmware HIGH Itel 2025

Referanslar

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63219_ITEL%20ISO%20FM%20SFN%20Adapter%20-%20Session%20Hijacking https://www.itel.it/

Benzer Kayıtlar

Critical

CVE-2025-63224

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across…

Critical

CVE-2025-63216

The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across…

Critical

CVE-2025-63217

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across dev…