Unauthenticated Arbitrary File Read in DB Electronica's Mozart FM Transmitter
CVE-2025-66263

8.9 HIGH

Key Information:

Vendor: DB Electronica Telecomunicazioni S.p.A.
CVE Published: 26 November 2025

Badges: 👾 Exploit Exists, 🟡 Public PoC

What is CVE-2025-66263?

The Mozart FM Transmitter from DB Electronica Telecomunicazioni S.p.A. is susceptible to an unauthenticated arbitrary file read vulnerability caused by a critical flaw in the download_setting.php script. The script restricts downloads by file extension, but an attacker can bypass that restriction with null byte injection and then perform directory traversal. By manipulating the filename parameter, an attacker can read sensitive files on the server, including the system password file. The issue primarily affects devices running PHP 5.3.2 and lower, where the handling of null bytes in file paths permits unauthorized disclosure of any file readable by the web server user.
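As an added example (not the vendor's code and not the page's PoC), the PHP handler below shows how a download endpoint of this shape is hardened so that each bypass named in the description is closed: the NUL byte is rejected first, then anything that is not a plain file name, then the extension is checked on the string the filesystem will actually see, and finally the canonical path is confirmed to lie inside the allowed directory. The directory, extension and function name are assumptions, and the code uses PHP 7.1+ syntax.

```php
<?php
// Added example, not the vendor's download_setting.php. Paths and the
// allowed extension are assumptions chosen for illustration.
define('SETTINGS_DIR', '/var/www/settings');   // assumed settings directory
define('ALLOWED_EXT', 'cfg');                  // assumed allowed extension

/**
 * Resolve a user-supplied filename to a safe absolute path, or return null.
 * Every check fails closed; nothing about the input is echoed back.
 */
function resolve_setting_path(string $filename): ?string
{
    // 1. Reject NUL bytes outright. On the affected PHP versions a NUL
    //    truncated the path in filesystem calls, so an extension check on
    //    "…/passwd\0.cfg" passed while the file actually opened was "…/passwd".
    if (strpos($filename, "\0") !== false) {
        return null;
    }
    // 2. Require a plain file name: no "/", no "\", and not "." or "..".
    if ($filename === '' || $filename === '.' || $filename === '..'
        || basename($filename) !== $filename) {
        return null;
    }
    // 3. Check the extension on the exact string that reaches the filesystem.
    if (strtolower(pathinfo($filename, PATHINFO_EXTENSION)) !== ALLOWED_EXT) {
        return null;
    }
    // 4. Canonicalise and confirm containment. realpath() follows symlinks,
    //    so a link inside SETTINGS_DIR pointing outside it is rejected too.
    $base = realpath(SETTINGS_DIR);
    $path = realpath(SETTINGS_DIR . DIRECTORY_SEPARATOR . $filename);
    if ($base === false || $path === false || !is_file($path)
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// Handler: serve the resolved file, or answer 400 without leaking the reason.
$path = resolve_setting_path((string)($_GET['filename'] ?? ''));
if ($path === null) {
    http_response_code(400);
    exit('invalid filename');
}
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
readfile($path);
```

Pairing this with an authentication check on the endpoint removes the "unauthenticated" half of the finding; the resolver above only removes the file read half.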

Affected Version(s)

Mozart FM Transmitter 30

Mozart FM Transmitter 50

Mozart FM Transmitter 100

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.

CVSS V4

Score: 8.9
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • Vulnerability published
  • Vulnerability reserved

Credit

Abdul Mhanni