FKIE_CVE-2025-67013
Vulnerability from fkie_nvd - Published: 2025-12-26 16:15 - Updated: 2026-01-02 16:10
Severity ?
Summary
The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0116s1ula-22454_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9A956563-B69E-4D24-A05D-A9F81374234C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0116s1ula-22454:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D389841E-9F56-4547-8A3F-C6558F478605",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0116s1uia-22474_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B38C657-791F-4857-B6BB-B561FF3DF2C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0116s1uia-22474:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58A3924-12E1-41BF-8503-D944157B0486",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0401s1ula-22418_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4E266D8F-7A51-4E76-88A6-D0F8CC35353D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0401s1ula-22418:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD95334-9D68-482E-84EF-2C7F4BAC095D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0801s1ula-22420_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8601E5-B0D3-42E8-A1BF-5AAB2F2603B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0801s1ula-22420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "599A9F22-4792-451F-BC8B-9C8F317D37CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c1601s1ula-22422_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "023BD34A-4E84-4372-8948-A662E2B3311B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c1601s1ula-22422:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA2E82A-9A88-4447-B44B-9A64BEF03995",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0401s1ula-22455_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3EFD655E-A0AF-4556-AC5F-6FD81DF1F9C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0401s1ula-22455:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F272578-4821-499F-9465-9DADCFF18788",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0801s1ula-22457_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6065A81E-8311-47EE-9E59-BF0A552D8CD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0801s1ula-22457:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35A00256-4B59-4DBF-99DA-CC8236E513C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c1601s1ula-22459_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5815AB76-D420-46EE-BB39-A4E81CB34E2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c1601s1ula-22459:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF88591-638A-4121-A025-565D132E77C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c1601s1uia-22479_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1A779FE0-C09A-411C-9D29-94435CBE71D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c1601s1uia-22479:-:*:*:*:*:*:*:*",
"matchCriteriaId": "434E9229-23A0-4E09-B3D0-42B77FEFF688",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0104d1ula-22411_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A40740A6-D154-4557-9AD1-53E1990EECB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0104d1ula-22411:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D46C548C-6E7F-4C9A-B999-E9AEA389976D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0108d1ula-22413_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "318A137D-0287-48BB-9C6C-6FC6D5A9D3C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0108d1ula-22413:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89529D5E-5F4D-4DE5-9558-A4C808F6CEBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0104d1ula-22451_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1887BA12-8349-4CFC-AD6A-9D985F5039A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0104d1ula-22451:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5731B102-9BB5-43FC-A51F-89F6D339293C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0108d1ula-22453_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5B42B425-B39E-448E-B0D6-C7292F1B09DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0108d1ula-22453:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA1640A-0330-4FB6-A43C-F0D28516CAEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0108d1uia-22473_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1292ED96-B189-4216-96D7-8BB3D171ABA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0108d1uia-22473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05CF574F-283B-4F33-A8D8-F51F3B1BE4AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0401d1ula-22419_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6D460DD4-243A-4542-A5D3-9E3AE14277DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0401d1ula-22419:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8E21D1-B102-4CA1-A21B-E73D1C195DD6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0801d1ula-22421_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0A8D46-9D21-450E-86B3-77F912B4529C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0801d1ula-22421:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE798E2-21E3-46A4-9A96-84097B758CFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0401d1ula-22456_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1E4071-33E7-433A-9C70-B74B4CB72D09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0401d1ula-22456:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98EAEDDE-8D8D-489C-AE6A-FA7F176FD59E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0801d1ula-22458_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E483B51-FEC3-41FD-A0FB-8E32DD524396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0801d1ula-22458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48A5ED-6D0A-40D5-89D7-17E9CB82B6C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:c0401d1uia-22476_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE428D3-4709-4283-A0AD-C188D6F05F2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:c0401d1uia-22476:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33996E70-1B87-4473-B629-2E8DBE9832EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:h0108d1ula-22431_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "52C30944-7988-4230-992D-60D543A524EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:h0108d1ula-22431:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE63386-85FE-4C84-986F-C30597B8EC06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:h0104d1ula-22460_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C2486ACA-FF49-481A-80BD-813320E43A78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:h0104d1ula-22460:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0724E86B-1A4F-470B-9DD0-70B894E6FA20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:h0108d1ula-22461_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C45E0515-D994-4AEC-A9F2-FE45CFAE6186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:h0108d1ula-22461:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F21FF66-3965-412E-9EB0-2299430908AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0104s1ula-22410_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B2461E72-2D2D-42FE-973B-D8CF970F4508",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0104s1ula-22410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48F40E48-6241-4A09-97C8-F7E142AEEA30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0108s1ula-22412_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F420ED07-A318-48F9-A774-3F20DBD6E9ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0108s1ula-22412:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21E1EC92-35FC-425A-8AC2-6E8B172D721F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0116s1ula-22414_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2F43F0EA-7603-4F3F-A57C-F83631E0C37A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0116s1ula-22414:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2CBA22-C617-4E56-AF35-2BB07AD44E38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0104s1ula-22450_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD6A9EF-6477-4186-A245-A99515B41CFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0104s1ula-22450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92ED453A-902F-4E33-B72A-DABE0157E0A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:etlsystems:d0108s1ula-22452_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4ABAC078-9BA8-4E5E-885A-7BFD30F8E756",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:etlsystems:d0108s1ula-22452:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4134CC9F-3783-4B05-A3A0-6095C61B0303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web management interface in ETL Systems Ltd DEXTRA Series \u0027 Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints."
}
],
"id": "CVE-2025-67013",
"lastModified": "2026-01-02T16:10:39.420",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-12-26T16:15:44.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-67013%20_%20ETL%20Systems%20Ltd%20DEXTRA%20Series%20_%20CSRF"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.etlsystems.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…