Skip to content

[GHSA-pggx-8r6v-m6gf] Cross site request forgery (CSRF) vulnerability in... #6352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: notdenied/advisory-improvement-6352
Choose a base branch
from
Open

[GHSA-pggx-8r6v-m6gf] Cross site request forgery (CSRF) vulnerability in... #6352

wants to merge 1 commit into from

Conversation

@notdenied
Copy link

Updates

  • Affected products
  • CVSS v3
  • References
  • Summary

Comments
I am the author of this CVE. :)

Added title, published a small writeup, some other minor changes.

Not sure if I have to check "Integrity" and "Availability" while the impact is router takeover (RCE) so skip them for now.

Also, if it is possible, may you add me (Andrey Ryzhov) to the credits section, please? This is my CVE (if you need a proof, feel free to contact me).
I've already contacted MITRE for this addition, but also want to add it on Github.

@github-actions github-actions bot changed the base branch from main to notdenied/advisory-improvement-6352 October 26, 2025 11:46
@shelbyc
Copy link
Contributor

shelbyc commented Oct 27, 2025

Hi @notdenied, I have the same question here as I have for #6351 and #6350: Are there any KeeneticOS packages in a supported ecosystem that are affected by CVE-2025-56009? If KeeneticOS doesn't appear in any supported ecosystems, I can't review the advisory.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@notdenied @shelbyc