PT-2025-23437 · Unknown · Mist Community Edition

Alex Perrakis

Publicado

2025-06-01

Atualizado

2025-11-25

CVE-2025-5410

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Mist Community Edition versions up to 4.7.1

Description A vulnerability was found in the function session start response of the file src/mist/api/auth/middleware.py. This issue leads to cross-site request forgery and can be initiated remotely.

Recommendations For Mist Community Edition versions up to 4.7.1, upgrade to version 4.7.2 to address this issue.

Exploit

Correção

Missing Authorization

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862CWE-352

Identificadores relacionados

CVE-2025-5410

Produtos afetados

Mist Community Edition

PT-2025-23437 · Unknown · Mist Community Edition

CVE-2025-5410

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14