CVE-2025-56009
BaseFortify
Publication date: 2025-10-23
Last updated on: 2025-11-04
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| keenetic | keeneticos | to 4.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in KeeneticOS versions before 4.3 at the /rci API endpoint. It allows an attacker to trick a logged-in user into visiting a malicious webpage, which then silently performs unauthorized actions on the router. Specifically, the attacker can add new users with full administrative permissions to the device, effectively taking control of it. The attack requires the victim to be authenticated and logged into the router's web interface at the time of the attack. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to gain full administrative control over your Keenetic router by adding new users with full permissions without your knowledge. This can lead to unauthorized changes to your network settings, potential interception or manipulation of your network traffic, and overall compromise of your device's security and privacy. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There is no specific detection method or commands provided in the available resources to identify this CSRF vulnerability on your network or system. Detection would typically involve monitoring for unauthorized user additions or suspicious activity on the /rci API endpoint, but no explicit commands or tools are mentioned.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade your KeeneticOS firmware to version 4.3 or later, which includes patches for CVE-2025-56009. Firmware updates can be applied via the device's web interface or the Keenetic mobile app. Additionally, avoid logging into the router's web interface from untrusted networks or browsers to reduce risk until the update is applied. [1]