ItelCVEs & Vulnerabilities

4 CVEs affecting Itel products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

idenc 1idenc firmware 1idgateway 1idgateway firmware 1id mux 1id mux firmware 1iso-fm 1iso-fm firmware 1
CVE-2025-63224CRITICAL

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

19 Nov 2025
10.0
CVSS
CVE-2025-63219HIGH

The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home.html endpoint. An attacker can access an active session without authentication, allowing them to control the device, modify configurations, and compromise system integrity.

19 Nov 2025
7.5
CVSS
CVE-2025-63217CRITICAL

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

19 Nov 2025
9.8
CVSS
CVE-2025-63216CRITICAL

The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

19 Nov 2025
10.0
CVSS
← PrevPage 1 / 1Next →