Описание
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote attackers to cause a denial of service via function handle_interface_POST_and_status.
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote attackers to cause a denial of service via function handle_interface_POST_and_status.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-65573
- https://gh0stmezh.wordpress.com/2025/12/05/cve-2025-65573
- https://github.com/AllskyTeam/allsky
- https://github.com/AllskyTeam/allsky/blob/master/html/includes/dashboard_LAN.php
- https://github.com/AllskyTeam/allsky/blob/master/html/includes/dashboard_WLAN.php
- https://github.com/AllskyTeam/allsky/blob/master/html/includes/functions.php
Связанные уязвимости
CVSS3: 8.8
nvd
2 месяца назад
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote attackers to cause a denial of service via function handle_interface_POST_and_status.