Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-6763

Опубликовано: 27 июн. 2025
Источник: nvd
CVSS3: 8.1
CVSS2: 7.6
EPSS Низкий

Описание

A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of the component Web-based Management Interface. Performing manipulation results in missing authentication. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used. There are still doubts about whether this vulnerability truly exists. The vendor explains, that "[d]evices described at CVE are not intended to be exposed into internet and proper security of devices is to end-users."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cometsystem:t7611_firmware:1-5-7-5.1252:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t7611:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:cometsystem:t4511_firmware:1-5-7-5.1252:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t4511:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:cometsystem:t0510_firmware:1-5-7-5.1252:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t0510:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:cometsystem:t6640_firmware:1-5-7-5.1252:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t6640:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:o:cometsystem:t3510_firmware:1-5-7-5.1252:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t3510:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

cpe:2.3:o:cometsystem:t7511_firmware:1-5-7-5.1251:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t7511:-:*:*:*:*:*:*:*
Конфигурация 7

Одновременно

cpe:2.3:o:cometsystem:t3511_firmware:1-5-7-2.1151:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:t3511:-:*:*:*:*:*:*:*
Конфигурация 8

Одновременно

cpe:2.3:o:cometsystem:p8510_firmware:4-5-8-0.3488:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:p8510:-:*:*:*:*:*:*:*
Конфигурация 9

Одновременно

cpe:2.3:o:cometsystem:p8552_firmware:4-5-8-1.3502:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:p8552:-:*:*:*:*:*:*:*
Конфигурация 10

Одновременно

cpe:2.3:o:cometsystem:h3531_firmware:9-5-0-1.1327:*:*:*:*:*:*:*
cpe:2.3:h:cometsystem:h3531:-:*:*:*:*:*:*:*

EPSS

Процентиль: 72%
0.00718
Низкий

8.1 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-287
CWE-306

Связанные уязвимости

github логотип

GHSA-3gwm-7v5q-jm39

CVSS3: 7.5
github
8 месяцев назад

A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. This vulnerability affects unknown code of the file /setupA.cfg of the component Web-based Management Interface. The manipulation leads to missing authentication. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

EPSS

Процентиль: 72%
0.00718
Низкий

8.1 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-287
CWE-306