{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T15:15:50.027","vulnerabilities":[{"cve":{"id":"CVE-2025-6763","sourceIdentifier":"cna@vuldb.com","published":"2025-06-27T12:15:45.500","lastModified":"2026-06-17T10:02:31.583","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of the component Web-based Management Interface. Performing manipulation results in missing authentication. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used. There are still doubts about whether this vulnerability truly exists. The vendor explains, that \"[d]evices described at CVE are not intended to be exposed into internet and proper security of devices is to end-users.\""},{"lang":"es","value":"Se detectó una vulnerabilidad crítica en Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 y H3531 1.60. Esta vulnerabilidad afecta al código desconocido del archivo /setupA.cfg del componente Interfaz de Administración Web. La manipulación provoca la omisión de la autenticación. Se requiere acceso a la red local para este ataque. Es un ataque de complejidad bastante alta. Parece difícil de explotar. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación para informarle sobre esta divulgación, pero no respondió."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Comet System","product":"T0510","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"T3510","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"T3511","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"T4511","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"T6640","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"T7511","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"T7611","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"P8510","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"P8552","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]},{"vendor":"Comet System","product":"H3531","modules":["Web-based Management Interface"],"versions":[{"version":"1.60","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:C/I:C/A:C","baseScore":7.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":4.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-27T13:16:02.924574Z","id":"CVE-2025-6763","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t7611_firmware:1-5-7-5.1252:*:*:*:*:*:*:*","matchCriteriaId":"272FDF4F-ACCE-423D-88C3-F7220D14B23E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t7611:-:*:*:*:*:*:*:*","matchCriteriaId":"E24B0044-2E20-41DA-B242-0C3AAC703A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t4511_firmware:1-5-7-5.1252:*:*:*:*:*:*:*","matchCriteriaId":"B61E8D58-AD3A-42EC-8B6B-18C3BDD52C82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t4511:-:*:*:*:*:*:*:*","matchCriteriaId":"07792F16-7C5A-4558-A50F-142D31B54D24"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t0510_firmware:1-5-7-5.1252:*:*:*:*:*:*:*","matchCriteriaId":"BFDD3541-F891-47FA-8D8E-E600EDFC0897"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t0510:-:*:*:*:*:*:*:*","matchCriteriaId":"B9DBB818-2882-4B1E-B117-5B831C6B0FF5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t6640_firmware:1-5-7-5.1252:*:*:*:*:*:*:*","matchCriteriaId":"52D54316-F4A8-42EC-A246-980639D7807E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t6640:-:*:*:*:*:*:*:*","matchCriteriaId":"08EF6EFF-459D-4648-B5D8-15AB6A48DE78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t3510_firmware:1-5-7-5.1252:*:*:*:*:*:*:*","matchCriteriaId":"ECFFCF0D-1043-4741-95F5-663A181F0D4A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t3510:-:*:*:*:*:*:*:*","matchCriteriaId":"8BF78295-5285-41DE-9631-ECA896438895"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t7511_firmware:1-5-7-5.1251:*:*:*:*:*:*:*","matchCriteriaId":"B2A8D6A7-73FE-406A-865B-38DCFFC7E676"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t7511:-:*:*:*:*:*:*:*","matchCriteriaId":"DC9CB6AD-807F-4DBA-B3DA-49A1B7979DBE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:t3511_firmware:1-5-7-2.1151:*:*:*:*:*:*:*","matchCriteriaId":"14D9389E-39A2-4129-A54A-E38C2D3EDB05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:t3511:-:*:*:*:*:*:*:*","matchCriteriaId":"67FD46C9-2984-410E-9C7E-31E5BA77D49D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:p8510_firmware:4-5-8-0.3488:*:*:*:*:*:*:*","matchCriteriaId":"7D0335ED-EA2E-4F74-B400-8FC756C738CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:p8510:-:*:*:*:*:*:*:*","matchCriteriaId":"2AD06CD9-C7C0-4268-92BF-B9C348DBFA2B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:p8552_firmware:4-5-8-1.3502:*:*:*:*:*:*:*","matchCriteriaId":"00A8789F-B60F-4E2A-90DC-FAEA3DE7A3E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:p8552:-:*:*:*:*:*:*:*","matchCriteriaId":"31660C64-26B9-45ED-97BF-5627B0A67F57"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cometsystem:h3531_firmware:9-5-0-1.1327:*:*:*:*:*:*:*","matchCriteriaId":"3A3F1702-D397-488C-A417-F94087D6FAAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cometsystem:h3531:-:*:*:*:*:*:*:*","matchCriteriaId":"138B7062-5C0D-4ACF-8EE0-3BB9B44F105B"}]}]}],"references":[{"url":"https://github.com/zeke2997/CVE_request_comet_system","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/zeke2997/CVE_request_comet_system#poc","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.314074","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]},{"url":"https://vuldb.com/?id.314074","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/?submit.599848","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/zeke2997/CVE_request_comet_system","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}}]}