MidnightBSD

Advisories for etlsystems

CVE-2025-67013

The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

Products Affected

Vendor Product Version
etlsystems d0104s1ula-22450_firmware 1.8
etlsystems d0116s1ula-22414_firmware 1.8
etlsystems c0801s1ula-22457_firmware 1.8
etlsystems c0401s1ula-22455_firmware 1.8
etlsystems d0104d1ula-22411_firmware 1.8
etlsystems c1601s1ula-22422_firmware 1.8
etlsystems d0108d1uia-22473_firmware 1.8
etlsystems c0401d1ula-22456_firmware 1.8
etlsystems d0104s1ula-22410_firmware 1.8
etlsystems h0108d1ula-22431_firmware 1.8
etlsystems d0108d1ula-22413_firmware 1.8
etlsystems d0108s1ula-22412_firmware 1.8
etlsystems d0108d1ula-22453_firmware 1.8
etlsystems c0801d1ula-22458_firmware 1.8
etlsystems d0104d1ula-22451_firmware 1.8
etlsystems c0401d1uia-22476_firmware 1.8
etlsystems c0801s1ula-22420_firmware 1.8
etlsystems d0116s1uia-22474_firmware 1.8
etlsystems c0401s1ula-22418_firmware 1.8
etlsystems c0401d1ula-22419_firmware 1.8
etlsystems c1601s1uia-22479_firmware 1.8
etlsystems d0116s1ula-22454_firmware 1.8
etlsystems h0104d1ula-22460_firmware 1.8
etlsystems c0801d1ula-22421_firmware 1.8
etlsystems c1601s1ula-22459_firmware 1.8
etlsystems d0108s1ula-22452_firmware 1.8
etlsystems h0108d1ula-22461_firmware 1.8