CVE-2025-67013

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-67013

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

T

he web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site Request Forgery (CSRF) protection mechanisms (no tokens, no Origin/Referer validation) on critical configuration endpoints.

References
Link Resource
https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-67013%20_%20ETL%20Systems%20Ltd%20DEXTRA%20Series%20_%20CSRF Exploit Third Party Advisory
https://www.etlsystems.com/ Product
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:etlsystems:d0116s1ula-22454_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0116s1ula-22454:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:etlsystems:d0116s1uia-22474_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0116s1uia-22474:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:etlsystems:c0401s1ula-22418_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401s1ula-22418:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:etlsystems:c0801s1ula-22420_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801s1ula-22420:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:etlsystems:c1601s1ula-22422_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c1601s1ula-22422:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:etlsystems:c0401s1ula-22455_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401s1ula-22455:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:etlsystems:c0801s1ula-22457_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801s1ula-22457:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:etlsystems:c1601s1ula-22459_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c1601s1ula-22459:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:etlsystems:c1601s1uia-22479_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c1601s1uia-22479:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:etlsystems:d0104d1ula-22411_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104d1ula-22411:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:etlsystems:d0108d1ula-22413_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108d1ula-22413:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:etlsystems:d0104d1ula-22451_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104d1ula-22451:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:etlsystems:d0108d1ula-22453_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108d1ula-22453:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:etlsystems:d0108d1uia-22473_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108d1uia-22473:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:etlsystems:c0401d1ula-22419_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401d1ula-22419:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:etlsystems:c0801d1ula-22421_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801d1ula-22421:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:etlsystems:c0401d1ula-22456_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401d1ula-22456:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:etlsystems:c0801d1ula-22458_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801d1ula-22458:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:etlsystems:c0401d1uia-22476_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401d1uia-22476:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:etlsystems:h0108d1ula-22431_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:h0108d1ula-22431:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:etlsystems:h0104d1ula-22460_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:h0104d1ula-22460:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:etlsystems:h0108d1ula-22461_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:h0108d1ula-22461:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:etlsystems:d0104s1ula-22410_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104s1ula-22410:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:etlsystems:d0108s1ula-22412_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108s1ula-22412:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:etlsystems:d0116s1ula-22414_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0116s1ula-22414:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:etlsystems:d0104s1ula-22450_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104s1ula-22450:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:etlsystems:d0108s1ula-22452_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108s1ula-22452:-:*:*:*:*:*:*:*
History

02 Jan 2026, 16:10

Type Values Removed Values Added
References () https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-67013%20_%20ETL%20Systems%20Ltd%20DEXTRA%20Series%20_%20CSRF - () https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-67013%20_%20ETL%20Systems%20Ltd%20DEXTRA%20Series%20_%20CSRF - Exploit, Third Party Advisory
References () https://www.etlsystems.com/ - () https://www.etlsystems.com/ - Product
First Time Etlsystems c0401s1ula-22418
Etlsystems c0401d1uia-22476 Firmware
Etlsystems c0801d1ula-22421 Firmware
Etlsystems d0104s1ula-22450
Etlsystems c1601s1ula-22422
Etlsystems c0401s1ula-22455
Etlsystems c0401d1ula-22456 Firmware
Etlsystems h0104d1ula-22460 Firmware
Etlsystems d0108d1ula-22453 Firmware
Etlsystems h0108d1ula-22461
Etlsystems d0108d1ula-22453
Etlsystems d0104d1ula-22411
Etlsystems c0401s1ula-22418 Firmware
Etlsystems d0108s1ula-22452 Firmware
Etlsystems d0116s1ula-22454
Etlsystems d0104s1ula-22410 Firmware
Etlsystems d0104s1ula-22410
Etlsystems d0108d1ula-22413
Etlsystems d0104d1ula-22411 Firmware
Etlsystems c0801s1ula-22457 Firmware
Etlsystems d0104s1ula-22450 Firmware
Etlsystems c1601s1uia-22479
Etlsystems h0108d1ula-22431
Etlsystems c0401d1ula-22419 Firmware
Etlsystems h0104d1ula-22460
Etlsystems c0401d1ula-22456
Etlsystems d0104d1ula-22451 Firmware
Etlsystems c0801s1ula-22420 Firmware
Etlsystems d0116s1ula-22414
Etlsystems d0108d1uia-22473
Etlsystems c0801s1ula-22420
Etlsystems c0801d1ula-22458
Etlsystems d0104d1ula-22451
Etlsystems c1601s1ula-22459
Etlsystems d0108s1ula-22412 Firmware
Etlsystems c0801s1ula-22457
Etlsystems c0401s1ula-22455 Firmware
Etlsystems d0108d1uia-22473 Firmware
Etlsystems d0108s1ula-22412
Etlsystems c0801d1ula-22421
Etlsystems d0116s1ula-22454 Firmware
Etlsystems d0108d1ula-22413 Firmware
Etlsystems d0108s1ula-22452
Etlsystems d0116s1uia-22474 Firmware
Etlsystems c0401d1ula-22419
Etlsystems c1601s1ula-22459 Firmware
Etlsystems c0401d1uia-22476
Etlsystems c0801d1ula-22458 Firmware
Etlsystems d0116s1ula-22414 Firmware
Etlsystems h0108d1ula-22461 Firmware
Etlsystems
Etlsystems c1601s1uia-22479 Firmware
Etlsystems c1601s1ula-22422 Firmware
Etlsystems d0116s1uia-22474
Etlsystems h0108d1ula-22431 Firmware
CPE cpe:2.3:o:etlsystems:d0116s1uia-22474_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0108d1ula-22453_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401d1ula-22419:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0116s1ula-22414_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0104s1ula-22410_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0104d1ula-22451_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801d1ula-22458:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801s1ula-22457:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:h0108d1ula-22431_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c1601s1ula-22459:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:h0108d1ula-22461:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801s1ula-22420:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:h0104d1ula-22460_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0116s1ula-22454:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0801d1ula-22421:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108s1ula-22452:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c1601s1uia-22479_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c1601s1ula-22422_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c1601s1ula-22422:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0801s1ula-22420_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401s1ula-22418:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401d1ula-22456:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0104s1ula-22450_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0401d1ula-22456_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104s1ula-22410:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:h0104d1ula-22460:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0401d1uia-22476_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c1601s1uia-22479:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104s1ula-22450:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0801d1ula-22421_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0108s1ula-22412_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0108s1ula-22452_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108d1ula-22453:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401s1ula-22455:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0108d1uia-22473_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c1601s1ula-22459_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0401s1ula-22418_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:h0108d1ula-22431:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108s1ula-22412:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0116s1ula-22454_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:c0401d1uia-22476:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104d1ula-22411:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108d1ula-22413:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0801d1ula-22458_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:h0108d1ula-22461_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0108d1ula-22413_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0104d1ula-22451:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0116s1uia-22474:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0801s1ula-22457_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0401s1ula-22455_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0108d1uia-22473:-:*:*:*:*:*:*:*
cpe:2.3:h:etlsystems:d0116s1ula-22414:-:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:c0401d1ula-22419_firmware:1.8:*:*:*:*:*:*:*
cpe:2.3:o:etlsystems:d0104d1ula-22411_firmware:1.8:*:*:*:*:*:*:*

26 Dec 2025, 17:15

Type Values Removed Values Added
CWE CWE-352
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5

26 Dec 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-12-26 16:15

Updated : 2026-01-02 16:10

NVD link : CVE-2025-67013

Mitre link : CVE-2025-67013

CVE.ORG link : CVE-2025-67013

JSON object : View

Products Affected

etlsystems

CWE
CWE-352

Cross-Site Request Forgery (CSRF)