Security Advisory

CVE-2025-63210

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-19 00:00:00
Last updated 2025-11-19 18:24:00
Assigner mitre
State PUBLISHED

Description

The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is vulnerable to an authentication bypass. An attacker can exploit this issue by modifying intercepted responses from the /celoxservice endpoint. By injecting a forged response body during the loginWithUserName flow, the attacker can gain Superuser or Operator access without providing valid credentials.