CVE-2025-63951
BaseFortify
Publication date: 2025-12-18
Last updated on: 2025-12-19
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| miczflor | rpi-jukebox-rfid | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an insecure deserialization issue in the rss-mp3.php script of the MiczFlor RPi-Jukebox-RFID project. Specifically, the 'rss' GET parameter accepts data that is passed directly to the PHP unserialize() function without any validation. This allows a remote, unauthenticated attacker to inject arbitrary PHP objects, which the application then processes. This can lead to errors or denial of service conditions. [2]
How can this vulnerability impact me? :
The vulnerability can allow a remote attacker to cause the application to process maliciously crafted PHP objects, potentially leading to application errors or denial of service. This means the service could become unavailable or unstable due to the attack. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring HTTP requests to the rss-mp3.php script for the 'rss' GET parameter containing serialized PHP objects. You can use network traffic analysis tools like tcpdump or Wireshark to capture requests to rss-mp3.php and inspect the 'rss' parameter. For example, using tcpdump: tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and then filter for requests containing 'rss='. Additionally, web server logs can be searched for suspicious 'rss' parameter values that include serialized PHP objects (strings starting with 'O:', 'a:', or 's:'). [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting access to the rss-mp3.php script, especially the 'rss' GET parameter. Applying input validation to ensure that data passed to unserialize() is safe or replacing unserialize() with a safer alternative is recommended. If a patch or updated version of the software is available, apply it promptly. Additionally, implementing web application firewall (WAF) rules to block malicious payloads targeting the 'rss' parameter can help mitigate exploitation. [2]