CVE-2025-25748
Published 2025-03-11
Priority: P3 (38) | CVSS 3.1: 7.3 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS: 0.40% (31.3rd percentile)
A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions (e.g., modifying user passwords) on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens. NOTE: this is disputed because there is an id_sessione CSRF token.
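The dispute above turns on what a CSRF control on a state-changing page has to do: the token must be bound to the session, required on every state-changing request, and compared in constant time, and an Origin/Referer check adds a second, independent layer. The following is an added illustration in the project's language (PHP), not HotelDruid code and not a description of how gestione_utenti.php or id_sessione actually work; every function name, field name and host below is hypothetical, and the request inputs are constructed.

```php
<?php
// Added example of a CSRF guard for a state-changing endpoint.
// Not HotelDruid code; all names here are hypothetical.
declare(strict_types=1);

// Issue (or reuse) a per-session token to embed in every state-changing form.
function csrf_issue_token(array &$session): string {
    if (empty($session['csrf_token']) || !is_string($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256-bit, unguessable
    }
    return $session['csrf_token'];
}

// True only if the Origin (or, failing that, Referer) header names this site.
// Browsers set Origin on cross-site form POSTs, so a request launched from an
// attacker page fails here regardless of what it carries in the body.
function csrf_same_origin(array $headers, string $expected_host): bool {
    $source = $headers['Origin'] ?? $headers['Referer'] ?? null;
    if (!is_string($source) || $source === '') {
        return false;                      // fail closed when neither header is present
    }
    $host = parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expected_host) === 0;
}

// Constant-time comparison of the submitted token with the session-bound one.
function csrf_token_valid(array $post, array $session): bool {
    $submitted = $post['csrf_token'] ?? null;
    $stored    = $session['csrf_token'] ?? null;
    if (!is_string($submitted) || !is_string($stored) || $stored === '') {
        return false;                      // missing token is a failure, not a pass
    }
    return hash_equals($stored, $submitted);
}

// Guard for any handler that changes state (e.g. updating a user's password):
// both checks must pass. Callers respond 403 and do nothing when this is false.
function csrf_request_allowed(array $post, array $session, array $headers, string $host): bool {
    return csrf_same_origin($headers, $host) && csrf_token_valid($post, $session);
}

// Constructed demo inputs (not captured traffic). The legitimate request comes
// from the site's own form and carries the session token; the forged one is a
// cross-site auto-submitted form, which cannot read the victim's token.
$session = [];
$token   = csrf_issue_token($session);
$requests = [
    'legitimate' => [
        'post'    => ['csrf_token' => $token, 'new_password' => 'example'],
        'headers' => ['Origin' => 'https://hotel.example'],
    ],
    'forged' => [
        'post'    => ['new_password' => 'attacker-chosen'],
        'headers' => ['Origin' => 'https://attacker.example'],
    ],
];
foreach ($requests as $name => $req) {
    $ok = csrf_request_allowed($req['post'], $session, $req['headers'], 'hotel.example');
    echo $name . ' request: ' . ($ok ? 'accepted' : 'rejected (403)') . PHP_EOL;
}
```

The token check is the primary control; the Origin/Referer check is defense in depth, and because some privacy-configured clients strip Referer and older clients omit Origin, failing closed on missing headers will reject a small share of legitimate traffic. Setting the session cookie with `SameSite=Lax` or `Strict` (supported by PHP's session cookie parameters since 7.3) is a further layer that keeps the cookie off cross-site POSTs in the first place.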
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | hoteldruid | < hoteldruid 3.0.8-1 (sid) | hoteldruid 3.0.8-1 (sid) |
| digitaldruid | hoteldruid | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
| osv | — | 7.3 | HIGH | — |
| vendor_debian | — | 7.3 | HIGH | — |
Note that the NVD vector scores Attack Vector as Local (AV:L) with low privileges (PR:L). A CSRF is delivered through the victim's own browser from a site the attacker controls and is normally scored AV:N with UI:R, so the 7.3 does not follow the usual CSRF scoring and should be read alongside the dispute note above.
Debian
CVE-2025-25748: hoteldruid
vendor_debian · 2025 · CVSS 7.3 HIGH
Scope: local
bookworm: open
bullseye: open
sid: resolved (fixed in 3.0.8-1)
OSV
osv · 2025-03-11 · CVSS 7.3 HIGH
GHSA
GHSA-r375-j569-v9qr
ghsa_unreviewed · 2025-03-11 · HIGH · CWE-352
The GHSA entry carries the same description as above but without the note that the finding is disputed.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.