CVE-2025-45422

Proximus · b-box

An access control flaw in Proximus b-box v8c.725A allows authenticated attackers to remotely modify port forwarding rules.

Executive summary

A high-severity access control vulnerability in Proximus b-box v8c.725A enables authenticated attackers to bypass security restrictions and modify network configurations.

Vulnerability

This vulnerability is an incorrect access control flaw within the device's management interface. It allows an attacker who has already achieved a low-privilege authenticated session to bypass restrictions and make arbitrary changes to port forwarding rules.

Business impact

The ability for an attacker to modify port forwarding rules poses a significant risk to network security, potentially allowing for the exposure of internal services to the public internet or facilitating unauthorized lateral movement within the network. With a CVSS score of 8.1, this vulnerability is classified as High; the potential for unauthorized configuration changes could lead to severe security policy violations and data compromise.

Remediation

Immediate Action: Since no specific patch is currently available, prioritize restricting management access to the device to trusted internal segments only.

Proactive Monitoring: Monitor device configuration logs for unexpected modifications to port forwarding rules or other network settings.

Compensating Controls: Ensure that the administrative interface is not exposed to the public internet and enforce strong, unique credentials for all user accounts to prevent initial unauthorized access.

Exploitation status

Public Exploit Available: Yes — a public Proof-of-Concept is available on GitHub.

Analyst recommendation

Given the ease of exploitability and the potential for network-level configuration changes, it is imperative that administrators isolate the management interface of the affected devices. Monitor for any signs of configuration drift until an official firmware update is provided by the vendor.