CVE-2025-45422 in b-box
Summary
by MITRE • 07/10/2026
Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 07/10/2026
The vulnerability in Proximus b-box v8c.725A represents a critical access control flaw that undermines the security posture of network infrastructure devices. This issue manifests as an improper authorization mechanism that permits authenticated users to circumvent established security boundaries and manipulate core networking configurations. The device operates under the assumption that legitimate users should have restricted access to certain administrative functions, yet the flawed implementation allows for privilege escalation through port forwarding rule modifications.
The technical root cause stems from inadequate input validation and insufficient permission checks within the device's web interface and API endpoints. When authenticated users attempt to modify port forwarding configurations, the system fails to properly verify whether the requesting user possesses adequate privileges for such operations. This weakness enables attackers who have gained initial access through legitimate means to exploit the flawed authorization logic and execute unauthorized changes that could compromise network security boundaries.
From an operational perspective, this vulnerability presents significant risks to network infrastructure integrity and data protection. Attackers can potentially redirect network traffic to malicious endpoints, create backdoors for persistent access, or disrupt legitimate services by modifying port forwarding rules. The impact extends beyond immediate configuration changes as it may enable lateral movement within network segments and provide attackers with opportunities to establish covert communication channels. Network administrators face the challenge of maintaining secure configurations while dealing with unauthorized modifications that could go undetected for extended periods.
The vulnerability aligns with CWE-285, which addresses improper authorization issues in software systems, and relates to ATT&CK technique T1068, which covers local privilege escalation through improper access control. Security professionals should implement immediate mitigations including network segmentation of administrative interfaces, enhanced monitoring of configuration changes, and regular security assessments of network infrastructure devices. Device vendors must provide urgent firmware updates that address the authorization flaw and ensure proper validation of user permissions before allowing modifications to critical network settings.
Organizations should conduct comprehensive vulnerability assessments to identify other devices within their network infrastructure that may be susceptible to similar access control issues. The remediation process requires careful attention to maintain operational continuity while implementing proper authentication mechanisms and privilege controls. Regular security audits should verify that administrative interfaces properly enforce role-based access controls and that all configuration changes are logged and reviewed for unauthorized modifications. This vulnerability demonstrates the critical importance of robust access control implementations in network infrastructure devices where unauthorized changes can have cascading effects on overall network security posture and business continuity.