Filtered by vendor Itel
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-63217 | 1 Itel | 2 Id Mux, Id Mux Firmware | 2026-01-15 | N/A | 9.8 CRITICAL |
| The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices. | |||||
| CVE-2025-63216 | 1 Itel | 2 Idgateway, Idgateway Firmware | 2026-01-15 | N/A | 10.0 CRITICAL |
| The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices. | |||||
| CVE-2025-63224 | 1 Itel | 2 Idenc, Idenc Firmware | 2026-01-15 | N/A | 10.0 CRITICAL |
| The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices. | |||||
| CVE-2025-63219 | 1 Itel | 2 Iso-fm, Iso-fm Firmware | 2026-01-12 | N/A | 7.5 HIGH |
| The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home.html endpoint. An attacker can access an active session without authentication, allowing them to control the device, modify configurations, and compromise system integrity. | |||||