CVE-2025-69203 (CNNVD-202601-008)
中文标题:
Signal K Server 安全漏洞
英文标题:
Signal K Server Vulnerable to Access Request Spoofing
漏洞描述
中文描述:
Signal K Server是Signal K开源的一个船用中央服务器。 Signal K Server 2.19.0之前版本存在安全漏洞,该漏洞源于访问请求系统信任X-Forwarded-For标头且描述字段与权限字段显示不一致,可能导致社会工程学攻击。
英文描述:
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the access request system have two related features that when combined by themselves and with an information disclosure vulnerability enable convincing social engineering attacks against administrators. When a device creates an access request, it specifies three fields: `clientId`, `description`, and `permissions`. The SignalK admin UI displays the `description` field prominently to the administrator when showing pending requests, but the actual `permissions` field (which determines the access level granted) is less visible or displayed separately. This allows an attacker to request `admin` permissions while providing a description that suggests readonly access. The access request handler trusts the `X-Forwarded-For` HTTP header without validation to determine the client's IP address. This header is intended to preserve the original client IP when requests pass through reverse proxies, but when trusted unconditionally, it allows attackers to spoof their IP address. The spoofed IP is displayed to administrators in the access request approval interface, potentially making malicious requests appear to originate from trusted internal network addresses. Since device/source names can be enumerated via the information disclosure vulnerability, an attacker can impersonate a legitimate device or source, craft a convincing description, spoof a trusted internal IP address, and request elevated permissions, creating a highly convincing social engineering scenario that increases the likelihood of administrator approval. Users should upgrade to version 2.19.0 to fix this issue.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| SignalK | signalk-server | < 2.19.0 | - | - |
cpe:2.3:a:signalk:signalk-server:<_2.19.0:*:*:*:*:*:*:*
|
| signalk | signal_k_server | * | - | - |
cpe:2.3:a:signalk:signal_k_server:*:*:*:*:*:*:*:*
|
| signalk | signal_k_server | 2.19.0 | - | - |
cpe:2.3:a:signalk:signal_k_server:2.19.0:beta1:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
3.1 (cna)
MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2025-69203 |
2026-01-04 02:04:15 | 2026-01-12 02:12:33 |
| NVD | nvd_CVE-2025-69203 |
2026-01-07 03:00:03 | 2026-01-12 02:28:15 |
| CNNVD | cnnvd_CNNVD-202601-008 |
2026-01-11 06:15:04 | 2026-01-12 02:38:11 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202601-008
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- affected_products_count: 1 -> 3
- data_sources: ['cve'] -> ['cve', 'nvd']