CVE-2025-67013

Published: Dec 26, 2025Modified: Jan 2, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploitability: 3.9 / Impact: 2.5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints.

Affected (27)

Products: Etlsystems: D0116s1ula 22454 Firmware, D0116s1uia 22474 Firmware, C0401s1ula 22418 Firmware, C0801s1ula 22420 Firmware, C1601s1ula 22422 Firmware, C0401s1ula 22455 Firmware, C0801s1ula 22457 Firmware, C1601s1ula 22459 Firmware, C1601s1uia 22479 Firmware, D0104d1ula 22411 Firmware, D0108d1ula 22413 Firmware, D0104d1ula 22451 Firmware, D0108d1ula 22453 Firmware, D0108d1uia 22473 Firmware, C0401d1ula 22419 Firmware, C0801d1ula 22421 Firmware, C0401d1ula 22456 Firmware, C0801d1ula 22458 Firmware, C0401d1uia 22476 Firmware, H0108d1ula 22431 Firmware, H0104d1ula 22460 Firmware, H0108d1ula 22461 Firmware, D0104s1ula 22410 Firmware, D0108s1ula 22412 Firmware, D0116s1ula 22414 Firmware, D0104s1ula 22450 Firmware, D0108s1ula 22452 Firmware

Etlsystems

27 products

D0116s1ula 22454 Firmware

D0116s1uia 22474 Firmware

C0401s1ula 22418 Firmware

C0801s1ula 22420 Firmware

C1601s1ula 22422 Firmware

C0401s1ula 22455 Firmware

C0801s1ula 22457 Firmware

C1601s1ula 22459 Firmware

C1601s1uia 22479 Firmware

D0104d1ula 22411 Firmware

D0108d1ula 22413 Firmware

D0104d1ula 22451 Firmware

D0108d1ula 22453 Firmware

D0108d1uia 22473 Firmware

C0401d1ula 22419 Firmware

C0801d1ula 22421 Firmware

C0401d1ula 22456 Firmware

C0801d1ula 22458 Firmware

C0401d1uia 22476 Firmware

H0108d1ula 22431 Firmware

H0104d1ula 22460 Firmware

H0108d1ula 22461 Firmware

D0104s1ula 22410 Firmware

D0108s1ula 22412 Firmware

D0116s1ula 22414 Firmware

D0104s1ula 22450 Firmware

D0108s1ula 22452 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0116s1ula 22454 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0116s1ula 22454	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0116s1uia 22474 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0116s1uia 22474	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0401s1ula 22418 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0401s1ula 22418	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0801s1ula 22420 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0801s1ula 22420	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C1601s1ula 22422 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C1601s1ula 22422	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0401s1ula 22455 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0401s1ula 22455	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0801s1ula 22457 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0801s1ula 22457	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C1601s1ula 22459 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C1601s1ula 22459	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C1601s1uia 22479 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C1601s1uia 22479	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0104d1ula 22411 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0104d1ula 22411	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0108d1ula 22413 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0108d1ula 22413	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0104d1ula 22451 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0104d1ula 22451	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0108d1ula 22453 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0108d1ula 22453	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0108d1uia 22473 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0108d1uia 22473	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0401d1ula 22419 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0401d1ula 22419	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0801d1ula 22421 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0801d1ula 22421	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0401d1ula 22456 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0401d1ula 22456	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0801d1ula 22458 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0801d1ula 22458	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems C0401d1uia 22476 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems C0401d1uia 22476	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems H0108d1ula 22431 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems H0108d1ula 22431	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems H0104d1ula 22460 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems H0104d1ula 22460	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems H0108d1ula 22461 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems H0108d1ula 22461	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0104s1ula 22410 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0104s1ula 22410	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0108s1ula 22412 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0108s1ula 22412	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0116s1ula 22414 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0116s1ula 22414	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0104s1ula 22450 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0104s1ula 22450	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Etlsystems D0108s1ula 22452 Firmware	Version 1.8

Running on/with	Platform Versions
Etlsystems D0108s1ula 22452	All versions

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (2)

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-67013%20_%20ETL%20Systems%20Ltd%20DEXTRA%20Series%20_%20CSRF

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.etlsystems.com/

Source: cve@mitre.org

Product

Timeline

No history available yet.