CVE-2025-66953

Description

CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v.1.17 allows a remote attacker to execute arbitrary code via the Web-based management interface and specifically the /system_setup.htm, /set_clock.htm, /receiver_setup.htm, /cal.htm?..., and /channel_setup.htm endpoints

PUBLISHED Reserved 2025-12-08 | Published 2025-12-17 | Updated 2025-12-18 | Assigner mitre

References

github.com/...a miteq Uplink Power Contril Unitl UPC2 _ CSRF exploit

www.nardamiteq.com/

github.com/...a miteq Uplink Power Contril Unitl UPC2 _ CSRF

cve.org (CVE-2025-66953)

nvd.nist.gov (CVE-2025-66953)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.