ITEL
Products
5- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-38294 | Med | 0.40 | 6.1 | 0.00 | Apr 22, 2024 | Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory (versionCode='7', versionName='1.8.0(220310_1027)') that allows local third-party apps to execute arbitrary shell… | ||
| CVE-2025-63224 | 0.00 | — | 0.01 | Nov 19, 2025 | The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same… | |||
| CVE-2025-63219 | 0.00 | — | 0.00 | Nov 19, 2025 | The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home.html endpoint. An attacker can access an active session without authentication, allowing them to control the device, modify… | |||
| CVE-2025-63216 | 0.00 | — | 0.01 | Nov 18, 2025 | The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same… | |||
| CVE-2025-63217 | 0.00 | — | 0.01 | Nov 18, 2025 | The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same… |
- risk 0.40cvss 6.1epss 0.00
Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory (versionCode='7', versionName='1.8.0(220310_1027)') that allows local third-party apps to execute arbitrary shell…
- CVE-2025-63224Nov 19, 2025risk 0.00cvss —epss 0.01
The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same…
- CVE-2025-63219Nov 19, 2025risk 0.00cvss —epss 0.00
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to improper session management on the /home.html endpoint. An attacker can access an active session without authentication, allowing them to control the device, modify…
- CVE-2025-63216Nov 18, 2025risk 0.00cvss —epss 0.01
The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same…
- CVE-2025-63217Nov 18, 2025risk 0.00cvss —epss 0.01
The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same…