CVE-2025-6763

Sažetak

A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. This vulnerability affects unknown code of the file /setupA.cfg of the component Web-based Management Interface. The manipulation leads to missing authentication. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Reference

https://github.com/zeke2997/CVE_request_comet_system
https://github.com/zeke2997/CVE_request_comet_system#poc
https://vuldb.com/?ctiid.314074
https://vuldb.com/?id.314074
https://vuldb.com/?submit.599848
https://github.com/zeke2997/CVE_request_comet_system

CVSS

Base:	6.8
Impact:	10.0
Exploitability:	3.2

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:A/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

27-06-2025 - 14:15

Objavljeno

27-06-2025 - 12:15