CVE-2025-66953
Unknown Unknown - Not Provided
CSRF in narda miteq UPC2 Allows Remote Code Execution

Publication date: 2025-12-17

Last updated on: 2025-12-18

Assigner: MITRE

Description
CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v.1.17 allows a remote attacker to execute arbitrary code via the Web-based management interface and specifically the /system_setup.htm, /set_clock.htm, /receiver_setup.htm, /cal.htm?..., and /channel_setup.htm endpoints
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-17
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-17
EPSS Evaluated
2026-06-15
NVD
CVE-2025-66953
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
narda_miteq uplink_power_control_unit 1.17
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Cross-Site Request Forgery (CSRF) issue in the narda miteq Uplink Power Control Unit UPC2 version 1.17. It allows a remote attacker to execute arbitrary code by exploiting the web-based management interface, specifically targeting the endpoints /system_setup.htm, /set_clock.htm, /receiver_setup.htm, /cal.htm?..., and /channel_setup.htm. [2]

Impact Analysis

The vulnerability can allow a remote attacker to execute arbitrary code on the affected device, potentially leading to unauthorized control or manipulation of the Uplink Power Control Unit. This could disrupt device operation, compromise system integrity, or lead to further attacks within the network. [2]

Detection Guidance

Detection of this CSRF vulnerability involves monitoring HTTP requests to the affected endpoints (/system_setup.htm, /set_clock.htm, /receiver_setup.htm, /cal.htm, /channel_setup.htm) for unauthorized or suspicious POST requests that could indicate exploitation attempts. Commands to detect such activity could include using network monitoring tools like tcpdump or Wireshark to capture HTTP traffic, for example: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and filtering for requests to the specified endpoints. Additionally, reviewing web server logs for unexpected POST requests to these URLs can help detect exploitation attempts. [2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the web-based management interface to trusted networks or IP addresses, implementing CSRF protection mechanisms such as tokens in the web application if possible, and applying any available patches or updates from the vendor. If patches are not available, disabling or limiting access to the vulnerable endpoints (/system_setup.htm, /set_clock.htm, /receiver_setup.htm, /cal.htm, /channel_setup.htm) can reduce risk. Monitoring and alerting on suspicious activity targeting these endpoints is also recommended. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66953. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart