Unrated severityNVD Advisory· Published Nov 19, 2025· Updated Nov 19, 2025

CVE-2025-63224

Description

The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

Affected products

Itel/DAB Encoderdescription
ITEL/DAB Encoderllm-create
Range: 25aec8d

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63224_Itel%20DAB%20Encoder%20Authentication%20Bypassmitre
www.itel.itmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000