Vulnerability Details CVE-2025-65573
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote attackers to cause a denial of service via function handle_interface_POST_and_status.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.1%
CVSS Severity
CVSS v3 Score 8.8
References
- https://gh0stmezh.wordpress.com/2025/12/05/cve-2025-65573/
- https://github.com/AllskyTeam/allsky
- https://github.com/AllskyTeam/allsky/blob/master/html/includes/dashboard_LAN.php
- https://github.com/AllskyTeam/allsky/blob/master/html/includes/dashboard_WLAN.php
- https://github.com/AllskyTeam/allsky/blob/master/html/includes/functions.php
- https://gh0stmezh.wordpress.com/2025/12/05/cve-2025-65573/
Products affected by CVE-2025-65573
-
cpe:2.3:a:allskyteam:allsky:2024.12.06_06