
CVE-2025-5410: Cross-Site Request Forgery in Mist Community Edition

Severity: Medium
Published: Sun Jun 01 2025 (06/01/2025, 22:31:05 UTC)
Source: CVE Database V5
Vendor/Project: Mist
Product: Community Edition

Description

A vulnerability was found in Mist Community Edition up to 4.7.1. It has been declared as problematic. This vulnerability affects the function session_start_response of the file src/mist/api/auth/middleware.py. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The patch is identified as db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component.

AI-Powered Analysis

Last updated: 07/09/2025, 13:10:05 UTC

Technical Analysis

CVE-2025-5410 is a Cross-Site Request Forgery (CSRF) vulnerability identified in Mist Community Edition versions up to and including 4.7.1. The vulnerability resides in the function session_start_response within the file src/mist/api/auth/middleware.py. A CSRF flaw lets an attacker cause an authenticated user's browser to submit a forged HTTP request, so that the Mist Community Edition application performs actions the user never intended. This particular vulnerability can be exploited remotely without any privileges or prior authentication on the attacker's side; the only prerequisite is user interaction, namely the victim visiting a maliciously crafted web page or link while holding a valid session. The CVSS 4.0 base score is 5.3 (medium severity), reflecting a network attack vector, low attack complexity, no privileges required, and user interaction required. The impact is primarily to integrity, with limited impact on availability and confidentiality. The vulnerability has been publicly disclosed, but no exploitation in the wild has been reported so far. The vendor has released a patch in version 4.7.2, identified by commit db10ecb62ac832c1ed4924556d167efb9bc07fad, which presumably addresses the issue by adding anti-CSRF protection or request validation to the affected function. Organizations running an affected version (up to and including 4.7.1) should prioritize upgrading to 4.7.2 to mitigate this risk.

Potential Impact

For European organizations using Mist Community Edition, this CSRF vulnerability could allow attackers to perform unauthorized actions on behalf of legitimate users, potentially leading to unauthorized changes in system configurations, session hijacking, or manipulation of user data depending on the application's functionality. While the confidentiality impact is minimal, the integrity of user sessions and application state could be compromised, leading to operational disruptions or unauthorized privilege escalations within the application context. Given that Mist Community Edition is often used in network management or monitoring environments, unauthorized commands or configuration changes could disrupt network operations or expose sensitive infrastructure details. The medium severity rating suggests that while the threat is not critical, it is significant enough to warrant prompt remediation to avoid exploitation, especially in environments with high-value network assets or sensitive operational data. The lack of known exploits in the wild reduces immediate risk but does not eliminate the potential for future attacks, particularly as the exploit details are public.

Mitigation Recommendations

Beyond the immediate recommendation to upgrade to Mist Community Edition version 4.7.2, European organizations should implement several additional measures:

1) Enforce strict Content Security Policy (CSP) headers to reduce the risk of malicious cross-site requests.
2) Implement or verify existing anti-CSRF tokens on all state-changing requests within the application to ensure requests are legitimate.
3) Conduct regular security audits and penetration testing focusing on web application vulnerabilities, including CSRF and session management flaws.
4) Educate users about the risks of clicking on suspicious links or visiting untrusted websites while authenticated to critical systems.
5) Monitor application logs for unusual or unauthorized actions that could indicate exploitation attempts.
6) Employ web application firewalls (WAF) with rules designed to detect and block CSRF attack patterns.
7) Restrict administrative access to the Mist Community Edition interface to trusted networks or VPNs to reduce exposure.

These layered defenses will help mitigate the risk even if a patch cannot be immediately applied.
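The anti-CSRF token check that measure 2 calls for, worked through as an added example. This is illustrative code written for this page; it is not Mist's code, not the contents of commit db10ecb62ac832c1ed4924556d167efb9bc07fad, and it makes no claim about what session_start_response does. The header and form-field names (Csrf-Token, csrf_token), the Request stand-in, the origin https://mist.example and the cookie attributes are all assumptions constructed for the example. It combines the three controls a defender normally layers: a per-session secret that the client must echo back on every state-changing request, an Origin/Referer check, and a SameSite session cookie so the browser does not attach the session to cross-site POSTs in the first place.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Methods that must never change server state, so no token is demanded for them.
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS", "TRACE"})
# Assumed header and form-field names; Mist's real names are not on the page.
TOKEN_HEADER = "Csrf-Token"
TOKEN_FIELD = "csrf_token"


@dataclass
class Request:
    """Minimal stand-in for a framework request object (constructed for this example)."""
    method: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    session: dict = field(default_factory=dict)


def issue_csrf_token(session):
    """Bind one unguessable token to the session; the UI echoes it back on writes."""
    token = session.get(TOKEN_FIELD)
    if token is None:
        token = secrets.token_urlsafe(32)
        session[TOKEN_FIELD] = token
    return token


def _origin_of(url):
    """Reduce an Origin or Referer value to scheme://host[:port], lower-cased."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def origin_allowed(request, allowed_origins):
    """Independent second check: the request must come from one of our own origins."""
    source = request.headers.get("Origin") or request.headers.get("Referer")
    if not source:
        # Browsers send Origin on cross-site POSTs; a write with neither header is refused.
        return False
    return _origin_of(source) in {o.lower() for o in allowed_origins}


def csrf_check(request, allowed_origins):
    """Return (accepted, reason). Reject any state-changing request a forged page could produce."""
    if request.method.upper() in SAFE_METHODS:
        return True, "safe method"
    expected = request.session.get(TOKEN_FIELD)
    if not expected:
        return False, "no token bound to session"
    supplied = request.headers.get(TOKEN_HEADER) or request.form.get(TOKEN_FIELD)
    if not supplied:
        return False, "token missing"
    # Constant-time comparison on bytes, so a non-ASCII value cannot raise TypeError.
    if not hmac.compare_digest(supplied.encode("utf-8"), expected.encode("utf-8")):
        return False, "token mismatch"
    if not origin_allowed(request, allowed_origins):
        return False, "origin not allowed"
    return True, "ok"


def session_cookie_header(name, value, max_age=3600):
    """Set-Cookie value for the session cookie. SameSite=Lax keeps the browser from
    attaching it to cross-site POSTs, the request shape a CSRF relies on. The
    attribute choices are assumed defaults for this example, not Mist's settings."""
    return f"{name}={value}; Path=/; Max-Age={max_age}; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    site = {"https://mist.example"}  # constructed origin for the demo
    session = {}
    token = issue_csrf_token(session)
    forged = Request("POST", {"Origin": "https://attacker.example"},
                     form={"name": "renamed"}, session=session)
    print("forged cross-site POST:", csrf_check(forged, site))
    legit = Request("POST", {"Origin": "https://mist.example", TOKEN_HEADER: token},
                    session=session)
    print("same-site POST with token:", csrf_check(legit, site))
    print(session_cookie_header("session", "opaque-session-id"))
```

The token check and the origin check fail independently, which is the point of layering them: a forged page cannot read the session-bound token (same-origin policy), and even a token that leaks does not help a request whose Origin is a foreign site. Safe methods are exempt only on the assumption that they really are side-effect free; a GET that changes state would need the same check.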


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-05-31T16:51:13.875Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 683cd785182aa0cae227c951

Added to database: 6/1/2025, 10:43:17 PM

Last enriched: 7/9/2025, 1:10:05 PM

Last updated: 8/15/2025, 11:27:35 AM
