CNNVD-202511-1864 Information

Nov 17, 2025 cve

CNNVD ID

CNNVD-202511-1864

CVE-2025-63292

CNNVD Published: 2025-11-17

Description (Chinese)

Freebox v5等都是法国Free公司的一个电视盒子。 Freebox多款产品存在安全漏洞，该漏洞源于IMSI标识符明文传输，可能导致设备跟踪和用户监控。以下产品及版本受到影响：Freebox v5 HD 1.7.20版本、Freebox v5 Crystal 1.7.20版本、Freebox v6 Révolution r1至r3 4.7.x版本、Freebox Mini 4K 4.7.x版本和Freebox One 4.7.x版本。

Description (English)

Freebox v5 etc. are all TV boxes of the French company Free. There is a safety gap in more than Freebox products, which stems from the express transfer of the IMSI identifier, which may lead to equipment tracking and user monitoring. The following products and versions were affected: Freebox v5 HD 1.7.20, Freebox v5 Crystal 1.7.20, Freebox v6 Révoltion r1 to r3 4.7.x, Freebox Mini 4K 4.7x and Freebox One 4.7.x.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Free

Published

2025-11-17

Last Modified

2026-02-24

References

https://7h30th3r0n3.fr/the-vulnerability-that-killed-freewifi_secure/ https://gist.github.com/7h30th3r0n3/1a0fadb19f1528e3d3f6bad9f680c3b0#file-cve-2025-63292-frebox-imsi-md https://access.redhat.com/security/cve/cve-2025-63292

Share on: