virus logo Intrusion Prevention

Elber.Multiple.Devices.json_data.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in multiple Elber devices.
The vulnerability is due to insufficient authentication check for user requests to the system. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted requests to the target server. Successfully exploiting these vulnerabilities could allow an attacker to invoke unauthorized actions.

affected-products-logoAffected Products

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Revision 1243
Elber Signum DVB-S/S2 IRD For Radio Networks 1.317 Revision 602
Elber Signum DVB-S/S2 IRD For Radio Networks 1.220 Revision 1250
Elber Signum DVB-S/S2 IRD For Radio Networks 1.220 Revision 1248
Elber Signum DVB-S/S2 IRD For Radio Networks 1.220 Revision 1249
Elber Signum DVB-S/S2 IRD For Radio Networks 1.220 Revision 597
Elber Signum DVB-S/S2 IRD For Radio Networks 1.217 Revision 1242
Elber Signum DVB-S/S2 IRD For Radio Networks 1.214 Revision 1023
Elber Signum DVB-S/S2 IRD For Radio Networks 1.193 Revision 924
Elber Signum DVB-S/S2 IRD For Radio Networks 1.175 Revision 873
Elber Signum DVB-S/S2 IRD For Radio Networks 1.166 Revision 550
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Revision 7304
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Revision 7284
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Revision 6505
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Revision 6332
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Revision 6258
Elber Cleber/3 Broadcast Multi-Purpose Platform XS2DAB v1.50 rev 6267
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link 0.01 Revision 0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-02-19 30.957
Modified
 Sig Added
2024-07-17 28.828
Modified
 Name:Elber.
Multiple.
Devices.
json_data.
Improper.
Authentication:Elber.
Multiple.
Devices.
json_data.
Authentication.
Bypass
2024-07-11 28.825
Modified
 Default_action:pass:drop
2024-06-24 28.813
New

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5816.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5822.php ZSL-2024-5820 https://www.exploit-db.com/exploits/52002 https://www.exploit-db.com/exploits/52006 https://www.exploit-db.com/exploits/52004 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5814.php
ID 56025
Created Jun 13, 2024
Updated Feb 19, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Exploit Prediction Score 15.75%
Default Action drop
Active
Affected OS Other
Affected App Other
Profile Type Improper Authentication