CVE-2025-67015
Unknown Unknown - Not Provided

Improper Access Control in Comtech CDM-625 Allows Privilege Escalation

Vulnerability report for CVE-2025-67015, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-26

Last updated on: 2025-12-26

Assigner: MITRE

Description

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/admin_access_1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-26
Last Modified
2025-12-26
Generated
2026-07-06
AI Q&A
2025-12-26
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
comtech_ef_data cdm-625 2.5.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an incorrect access control issue in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1. It allows attackers to change the Administrator password and escalate privileges by sending a specially crafted POST request to the /Forms/admin_access_1 endpoint.

Impact Analysis

An attacker exploiting this vulnerability can gain unauthorized administrative access to the affected modem by changing the Administrator password. This privilege escalation can lead to full control over the device, potentially allowing the attacker to disrupt communications, alter configurations, or use the device for malicious purposes.

Detection Guidance

This vulnerability can be detected by monitoring for crafted POST requests to the endpoint /Forms/admin_access_1 on the Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem. Network traffic analysis tools like tcpdump or Wireshark can be used to capture and inspect HTTP POST requests targeting this path. For example, a command like `tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/Forms/admin_access_1'` can help identify suspicious POST requests. Additionally, reviewing web server logs on the device for POST requests to /Forms/admin_access_1 may reveal attempts to exploit this vulnerability. [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the /Forms/admin_access_1 endpoint to trusted administrators only, such as by implementing network-level access controls or firewall rules. Additionally, monitoring and blocking suspicious POST requests to this endpoint can help prevent exploitation. If possible, update the firmware to a version that addresses this access control issue once available. Until a patch is released, consider isolating the device from untrusted networks to reduce exposure. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67015. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart