CVE-2025-56009

Description

Cross site request forgery (CSRF) vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device via adding additional users with full permissions by managing the victim to open page with exploit.

PUBLISHED Reserved 2025-08-16 | Published 2025-10-23 | Updated 2025-10-23 | Assigner mitre

References

keenetic.com/

keenetic.com/global/security

cve.org (CVE-2025-56009)

nvd.nist.gov (CVE-2025-56009)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.