CVE-2025-5410: Cross-Site Request Forgery in Mist Community Edition
A vulnerability was found in Mist Community Edition up to 4.7.1. It has been declared as problematic. This vulnerability affects the function session_start_response of the file src/mist/api/auth/middleware.py. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The patch is identified as db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.
AI Analysis
Technical Summary
CVE-2025-5410 is a Cross-Site Request Forgery (CSRF) vulnerability identified in Mist Community Edition versions up to 4.7.1. The vulnerability resides in the function session_start_response within the file src/mist/api/auth/middleware.py. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged HTTP request, potentially causing the user’s browser to perform unwanted actions on the Mist Community Edition application without their consent. This particular vulnerability can be exploited remotely without requiring any privileges or authentication, and only requires user interaction in the form of the victim visiting a maliciously crafted webpage or link. The CVSS 4.0 base score is 5.3 (medium severity), reflecting that the attack vector is network-based, with low attack complexity, no privileges required, but requiring user interaction. The impact primarily affects integrity with limited impact on availability and confidentiality. The vulnerability has been publicly disclosed, but no known exploits in the wild have been reported yet. The vendor has released a patch in version 4.7.2, identified by commit db10ecb62ac832c1ed4924556d167efb9bc07fad, which addresses the issue by presumably implementing proper anti-CSRF protections or request validation in the affected function. Organizations running Mist Community Edition versions 4.7.0 or 4.7.1 should prioritize upgrading to 4.7.2 to mitigate this risk.
Potential Impact
For European organizations using Mist Community Edition, this CSRF vulnerability could allow attackers to perform unauthorized actions on behalf of legitimate users, potentially leading to unauthorized changes in system configurations, session hijacking, or manipulation of user data depending on the application's functionality. While the confidentiality impact is minimal, the integrity of user sessions and application state could be compromised, leading to operational disruptions or unauthorized privilege escalations within the application context. Given that Mist Community Edition is often used in network management or monitoring environments, unauthorized commands or configuration changes could disrupt network operations or expose sensitive infrastructure details. The medium severity rating suggests that while the threat is not critical, it is significant enough to warrant prompt remediation to avoid exploitation, especially in environments with high-value network assets or sensitive operational data. The lack of known exploits in the wild reduces immediate risk but does not eliminate the potential for future attacks, particularly as the exploit details are public.
Mitigation Recommendations
Beyond the immediate recommendation to upgrade to Mist Community Edition version 4.7.2, European organizations should implement several additional measures: 1) Enforce strict Content Security Policy (CSP) headers to reduce the risk of malicious cross-site requests. 2) Implement or verify existing anti-CSRF tokens on all state-changing requests within the application to ensure requests are legitimate. 3) Conduct regular security audits and penetration testing focusing on web application vulnerabilities, including CSRF and session management flaws. 4) Educate users about the risks of clicking on suspicious links or visiting untrusted websites while authenticated to critical systems. 5) Monitor application logs for unusual or unauthorized actions that could indicate exploitation attempts. 6) Employ web application firewalls (WAF) with rules designed to detect and block CSRF attack patterns. 7) Restrict administrative access to the Mist Community Edition interface to trusted networks or VPNs to reduce exposure. These layered defenses will help mitigate the risk even if a patch cannot be immediately applied.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Poland
CVE-2025-5410: Cross-Site Request Forgery in Mist Community Edition
Description
A vulnerability was found in Mist Community Edition up to 4.7.1. It has been declared as problematic. This vulnerability affects the function session_start_response of the file src/mist/api/auth/middleware.py. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The patch is identified as db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.
AI-Powered Analysis
Technical Analysis
CVE-2025-5410 is a Cross-Site Request Forgery (CSRF) vulnerability identified in Mist Community Edition versions up to 4.7.1. The vulnerability resides in the function session_start_response within the file src/mist/api/auth/middleware.py. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged HTTP request, potentially causing the user’s browser to perform unwanted actions on the Mist Community Edition application without their consent. This particular vulnerability can be exploited remotely without requiring any privileges or authentication, and only requires user interaction in the form of the victim visiting a maliciously crafted webpage or link. The CVSS 4.0 base score is 5.3 (medium severity), reflecting that the attack vector is network-based, with low attack complexity, no privileges required, but requiring user interaction. The impact primarily affects integrity with limited impact on availability and confidentiality. The vulnerability has been publicly disclosed, but no known exploits in the wild have been reported yet. The vendor has released a patch in version 4.7.2, identified by commit db10ecb62ac832c1ed4924556d167efb9bc07fad, which addresses the issue by presumably implementing proper anti-CSRF protections or request validation in the affected function. Organizations running Mist Community Edition versions 4.7.0 or 4.7.1 should prioritize upgrading to 4.7.2 to mitigate this risk.
Potential Impact
For European organizations using Mist Community Edition, this CSRF vulnerability could allow attackers to perform unauthorized actions on behalf of legitimate users, potentially leading to unauthorized changes in system configurations, session hijacking, or manipulation of user data depending on the application's functionality. While the confidentiality impact is minimal, the integrity of user sessions and application state could be compromised, leading to operational disruptions or unauthorized privilege escalations within the application context. Given that Mist Community Edition is often used in network management or monitoring environments, unauthorized commands or configuration changes could disrupt network operations or expose sensitive infrastructure details. The medium severity rating suggests that while the threat is not critical, it is significant enough to warrant prompt remediation to avoid exploitation, especially in environments with high-value network assets or sensitive operational data. The lack of known exploits in the wild reduces immediate risk but does not eliminate the potential for future attacks, particularly as the exploit details are public.
Mitigation Recommendations
Beyond the immediate recommendation to upgrade to Mist Community Edition version 4.7.2, European organizations should implement several additional measures: 1) Enforce strict Content Security Policy (CSP) headers to reduce the risk of malicious cross-site requests. 2) Implement or verify existing anti-CSRF tokens on all state-changing requests within the application to ensure requests are legitimate. 3) Conduct regular security audits and penetration testing focusing on web application vulnerabilities, including CSRF and session management flaws. 4) Educate users about the risks of clicking on suspicious links or visiting untrusted websites while authenticated to critical systems. 5) Monitor application logs for unusual or unauthorized actions that could indicate exploitation attempts. 6) Employ web application firewalls (WAF) with rules designed to detect and block CSRF attack patterns. 7) Restrict administrative access to the Mist Community Edition interface to trusted networks or VPNs to reduce exposure. These layered defenses will help mitigate the risk even if a patch cannot be immediately applied.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-05-31T16:51:13.875Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 683cd785182aa0cae227c951
Added to database: 6/1/2025, 10:43:17 PM
Last enriched: 7/9/2025, 1:10:05 PM
Last updated: 8/12/2025, 10:00:26 AM
Views: 10
Related Threats
CVE-2025-9047: SQL Injection in projectworlds Visitor Management System
MediumCVE-2025-9046: Stack-based Buffer Overflow in Tenda AC20
HighCVE-2025-9028: SQL Injection in code-projects Online Medicine Guide
MediumCVE-2025-26709: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in ZTE F50
MediumCVE-2025-9027: SQL Injection in code-projects Online Medicine Guide
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.