Elber ESE DVB-S/S2 - Authentication Bypass
Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipulating the endpoint to overwrite any user's password within the system.
References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-03
- https://github.com/eeeeeeeeee-code/POC/blob/main/wpoc/wayber/Elber-Wayber%E6%A8%A1%E6%8B%9F%E6%95%B0%E5%AD%97%E9%9F%B3%E9%A2%91%E5%AF%86%E7%A0%81%E9%87%8D%E7%BD%AE%E6%BC%8F%E6%B4%9E.md?plain=1
- https://nvd.nist.gov/vuln/detail/CVE-2025-0674
Short Info
- Level: Critical
- Single Scan: Single Scan
- Can be used by: Asset Owner
- Estimated Time: 10 seconds
- Time Interval: 18 days 7 hours
- Scan only one: Domain, Subdomain, IPv4