CVE-2025-45422
Deferred Deferred - Pending Action

Incorrect Access Control in Proximus b-box v8c.725A Allows Port Forwarding Bypass

Vulnerability report for CVE-2025-45422, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: MITRE

Description

Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
proximus b-box 8c.725a

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability in Proximus b-box routers allows authenticated attackers to bypass access controls and create unauthorized port forwarding rules, exposing internal services to unauthorized access.

This exposure of internal network services could lead to unauthorized access to sensitive data or systems, which may impact compliance with data protection regulations such as GDPR or HIPAA that require strict access controls and protection of personal or sensitive information.

Because the malicious port mappings cannot be permanently removed and UPnP cannot be fully disabled, the vulnerability undermines critical security controls, increasing the risk of data breaches or unauthorized data exposure.

Executive Summary

This vulnerability is an incorrect access control issue found in the Proximus b-box v8c.725A device. It allows attackers who are authenticated to bypass the normal security restrictions and make arbitrary changes to the port forwarding rules on the device.

Impact Analysis

Because authenticated attackers can bypass restrictions and modify port forwarding rules, they could potentially redirect network traffic, expose internal network services to the internet, or create unauthorized access points. This could lead to unauthorized access, data interception, or other network security issues.

Detection Guidance

This vulnerability can be detected by enumerating UPnP port mappings on the affected Proximus b-box router firmware 8c.725A. An attacker or security analyst can use scripts or tools to list existing UPnP port forwarding rules to identify unauthorized or suspicious entries that bypass normal access controls.

A provided Python script in the proof-of-concept repository demonstrates how to enumerate and remove UPnP port mappings, which can be used to detect the presence of malicious or unauthorized port forwarding rules.

While specific commands are not detailed in the resources, using UPnP client tools such as 'upnpc' (from the MiniUPnP project) or custom Python scripts that interact with the router's UPnP service can help detect these unauthorized port mappings.

Mitigation Strategies

Immediate mitigation involves enumerating and removing unauthorized UPnP port forwarding rules using the provided Python script or similar UPnP management tools.

Since UPnP cannot be fully disabled on the affected Proximus b-box devices, and malicious port mappings can only be temporarily disabled via the web interface, continuous monitoring and removal of unauthorized mappings is necessary.

Additionally, restricting authenticated access to the router and monitoring for unusual port forwarding changes can help reduce the risk.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-45422. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart