CVE-2025-6763
Published: Jun 27, 2025
Modified: Oct 8, 2025
CVSS v3.1
8.1
Description
A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of the component Web-based Management Interface. Performing manipulation results in missing authentication. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been made public and could be used. There are still doubts about whether this vulnerability truly exists. The vendor explains, that "[d]evices described at CVE are not intended to be exposed into internet and proper security of devices is to end-users."
| Vendor | Product | Versions |
|---|---|---|
Comet System | T0510 | affected 1.60 |
Comet System | T3510 | affected 1.60 |
Comet System | T3511 | affected 1.60 |
Comet System | T4511 | affected 1.60 |
Comet System | T6640 | affected 1.60 |
Comet System | T7511 | affected 1.60 |
Comet System | T7611 | affected 1.60 |
Comet System | P8510 | affected 1.60 |
Comet System | P8552 | affected 1.60 |
Comet System | H3531 | affected 1.60 |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now