CVE-2025-67015

Published: Dic 26, 2025 Last Modified: Gen 02, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none

Description

AI Translation Available

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0004
Percentile
0,1th
Updated

EPSS Score Trend (Last 79 Days)

284

Improper Access Control

Incomplete
Abstraction: Pillar Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Varies By Context
Applicable Platforms
Technologies: ICS/OT, Not Technology-Specific, Web Based
View CWE Details
Operating System

Cdm-625 Firmware by Comtech

Product Information
Vendor Comtech
Product Cdm-625 Firmware
Version 2.5.1
cpe:2.3:o:comtech:cdm-625_firmware:2.5.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Cdm-625A Firmware by Comtech

Product Information
Vendor Comtech
Product Cdm-625A Firmware
Version 2.5.1
cpe:2.3:o:comtech:cdm-625a_firmware:2.5.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/shiky8/my--cve-vulnerability-research/tr…
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-670…
https://www.comtechefdata.com/
https://www.comtechefdata.com/