CVE-2019-25242
Unknown Unknown - Not Provided
CSRF in FaceSentry 6.4.8 Enables Unauthorized Admin Actions

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: VulnCheck

Description
FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by tricking authenticated users into loading a specially crafted webpage.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25242
EUVD
EUVD-2025-205316
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
iwt_ltd facesentry_access_control_system 5.7.0
iwt_ltd facesentry_access_control_system 5.7.2
iwt_ltd facesentry_access_control_system 6.4.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2019-25242 is a Cross-Site Request Forgery (CSRF) vulnerability in FaceSentry Access Control System version 6.4.8 and earlier firmware versions. It allows attackers to trick authenticated users into loading malicious web pages that perform unauthorized administrative actions without their consent. These actions include changing administrator passwords, adding new admin users, enrolling special cards with elevated privileges, and remotely opening access control doors. The vulnerability exists because the web application interface does not properly validate the authenticity of HTTP requests, enabling attackers to execute privileged operations if a logged-in user visits a crafted malicious website. [1, 2]

Impact Analysis

This vulnerability can lead to unauthorized administrative control over the FaceSentry Access Control System. An attacker can change administrator passwords, add new administrative users, enroll special cards with elevated privileges, and open doors remotely without user consent. This compromises the security of physical access control, potentially allowing unauthorized individuals to gain access to restricted areas, disrupt operations, or manipulate user management and system settings. [1, 2]

Detection Guidance

This vulnerability can be detected by monitoring for unauthorized or suspicious HTTP POST requests to specific endpoints of the FaceSentry Access Control System's web interface, such as personalSetting.php, userList.php, specialCard.php, and openDoor.php. These requests may include parameters that change administrator passwords, add new admin users, enroll special cards, or open doors. Detection can involve capturing and analyzing web traffic for such POST requests without proper CSRF tokens or validation. Specific commands are not provided, but using tools like Wireshark or tcpdump to capture HTTP traffic and grep or similar tools to filter POST requests to these endpoints can help identify exploitation attempts. [1, 2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the FaceSentry web administration interface to trusted networks or IP addresses, educating users to avoid visiting untrusted or suspicious websites while logged into the system, and monitoring for suspicious HTTP POST requests to administrative endpoints. Since the vulnerability arises from lack of CSRF protection, applying any available patches or firmware updates from the vendor is recommended if available. If no patch is available, consider disabling web administration or implementing additional network-level protections such as web application firewalls to block unauthorized requests. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25242. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart