CVE-2025-25748
published 2025-03-11

CVE-2025-25748: CSRF in the gestione_utenti.php endpoint of HotelDruid 3.0.7 (disputed)

Priority: P3 38
CVSS 3.1: 7.3 (high)
Vector: AV:L AC:L PR:L UI:N S:U C:H I:H A:L
EPSS: 0.40% (31.3rd percentile)
A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions (e.g., modifying user passwords) on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens. NOTE: this is disputed because there is an id_sessione CSRF token.
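The report and the dispute turn on two controls: a per-session CSRF token (the id_sessione field the dispute refers to) and validation of the Origin or Referer header. The following is an added example, not HotelDruid's code, that models a gestione_utenti.php-style password-change handler with those checks switchable on and off, and runs a forged cross-site request and a legitimate same-origin request through both configurations. Everything except the names id_sessione and gestione_utenti.php is an assumption made for the illustration: the deployment origin, the form field names (utente, password) and the session layout.

```python
# Added example (not HotelDruid's code): minimal model of a CSRF token check
# plus Origin/Referer validation for a password-change action.  The origin,
# field names and session layout below are assumptions made for illustration.
import hmac
import secrets
from urllib.parse import urlparse

SITE_ORIGIN = "https://hotel.example"      # assumed HotelDruid deployment origin


def new_session(user="admin"):
    """Server-side session carrying a random, per-session CSRF token."""
    return {"user": user, "id_sessione": secrets.token_hex(16)}


def origin_allowed(headers):
    """Cross-site form POSTs carry an Origin header in current browsers; fall
    back to Referer for clients that only send that.  No header at all is
    treated as untrusted rather than silently accepted."""
    src = headers.get("Origin") or headers.get("Referer")
    if not src:
        return False
    u = urlparse(src)
    return f"{u.scheme}://{u.netloc}" == SITE_ORIGIN


def token_matches(session, form):
    """Compare the submitted token with the session's copy in constant time."""
    sent = form.get("id_sessione", "")
    return hmac.compare_digest(sent, session["id_sessione"])


def handle_gestione_utenti(session, headers, form, *, check_origin, check_token):
    """Model of the password-change action.  The flags select between the
    behaviour the advisory claims (no checks) and a hardened handler.
    Returns ("rejected", reason) or ("changed", username)."""
    if check_origin and not origin_allowed(headers):
        return ("rejected", "origin")
    if check_token and not token_matches(session, form):
        return ("rejected", "token")
    # A real handler would update the stored password here.
    return ("changed", form["utente"])   # utente/password are assumed field names


def legitimate_request(session):
    """What the application's own form submits: same origin, token included."""
    headers = {"Origin": SITE_ORIGIN, "Referer": SITE_ORIGIN + "/gestione_utenti.php"}
    form = {"utente": "admin", "password": "N3w-Pa55",
            "id_sessione": session["id_sessione"]}
    return headers, form


def forged_request():
    """What an attacker-controlled page makes the victim's browser send: the
    browser attaches the victim's cookies (so the server sees the victim's
    session), but the attacker cannot read or guess the session token, and the
    browser sets Origin to the attacker's site."""
    headers = {"Origin": "https://attacker.example"}
    form = {"utente": "admin", "password": "pwned"}
    return headers, form


def run_scenarios():
    session = new_session()
    results = {}
    h, f = forged_request()
    # 1. Handler as the advisory describes it: no origin or token validation.
    results["vulnerable_forged"] = handle_gestione_utenti(
        session, h, f, check_origin=False, check_token=False)
    # 2. Hardened handler: the forged request fails the origin check first.
    results["hardened_forged"] = handle_gestione_utenti(
        session, h, f, check_origin=True, check_token=True)
    # 3. Token check alone (the disputed id_sessione defence) also stops it.
    results["token_only_forged"] = handle_gestione_utenti(
        session, h, f, check_origin=False, check_token=True)
    # 4. The legitimate form keeps working under the hardened handler.
    h, f = legitimate_request(session)
    results["hardened_legit"] = handle_gestione_utenti(
        session, h, f, check_origin=True, check_token=True)
    # 5. A token belonging to a different session is rejected too.
    h, f = legitimate_request(new_session())
    results["hardened_other_session_token"] = handle_gestione_utenti(
        session, h, f, check_origin=True, check_token=True)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:30s} {outcome}")
```

The same pair of requests is what settles the dispute against a real install: send the password-change form to gestione_utenti.php once with the session's id_sessione and once without it (or with a value from a different session) and a foreign Origin, and compare whether the second request is rejected. A token that is merely present in the form but not compared against the session on the server gives no protection.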

Affected (2 ranges)

Vendor         Product     Version range                 Fixed in
debian         hoteldruid  < hoteldruid 3.0.8-1 (sid)    hoteldruid 3.0.8-1 (sid)
digitaldruid   hoteldruid  -                             -

CVSS provenance

Source         Version  Score  Severity  Vector
nvd            3.1      7.3    HIGH      CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
osv            -        7.3    HIGH      -
vendor_debian  -        7.3    HIGH      -

Note that the NVD vector scores the attack vector as local (AV:L), whereas a CSRF triggered from a page in the victim's browser is normally scored as network (AV:N); read the 7.3 as NVD's assessment of a disputed report rather than a confirmed severity.