Overview
CVE-2025-66573 is a critical vulnerability identified in the Solstice Pod API, specifically affecting versions 5.5 and 6.2. This flaw stems from an unauthenticated API endpoint (`/api/config`) that inadvertently exposes sensitive information. This information includes the session key, server version, product details, and the display name of the Solstice Pod. The lack of authentication on this endpoint allows unauthorized users to access and extract live session information, potentially leading to various security risks.
Technical Details
The vulnerability resides in the `/api/config` endpoint of the Solstice Pod API. This endpoint, designed to provide configuration details, lacks proper authentication mechanisms in versions 5.5 and 6.2. An attacker can simply send an HTTP request to this endpoint without providing any credentials and receive a JSON response containing sensitive data. The exposed session key is particularly concerning, as it could potentially be used to eavesdrop on or even hijack active Solstice Pod sessions.
CVSS Analysis
Because the vulnerability exposes sensitive information, it would typically receive a high CVSS score. However, no CVSS score or severity has been assigned to CVE-2025-66573. A thorough risk assessment is still essential to determine the actual impact on an organization before assigning a risk level.
Possible Impact
The exploitation of CVE-2025-66573 can have significant consequences:
- Session Hijacking: The exposed session key allows attackers to potentially hijack active Solstice Pod sessions, gaining unauthorized access to shared content and communication.
- Information Disclosure: Exposure of server version and product details can aid attackers in identifying other potential vulnerabilities in the Solstice Pod deployment.
- Unauthorized Access: Gaining access to active sessions can allow unauthorized individuals to view or even manipulate shared content.
- Data Breaches: In environments where sensitive information is shared via Solstice Pod, the compromise of a session could lead to data breaches.
Mitigation or Patch Steps
To mitigate the risks associated with CVE-2025-66573, the following steps are recommended:
- Upgrade to a patched version: Mersive should release a patched version of Solstice Pod that addresses this vulnerability by requiring authentication for the `/api/config` endpoint. Monitor the Mersive website for updates.
- Network Segmentation: Isolate Solstice Pod devices within a secure network segment to limit the potential impact of a successful exploit.
- Web Application Firewall (WAF): Consider implementing a WAF to filter malicious requests targeting the `/api/config` endpoint.
- Monitor Network Traffic: Monitor network traffic for unusual activity targeting Solstice Pod devices.
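The traffic monitoring recommended above could start from a check like the following, an added example that is not part of the original advisory or of Mersive's tooling. It assumes a reverse proxy or gateway in front of the Pods writes combined-format access logs; the log lines, the allowlisted management subnet and the function names are constructed for illustration.

```python
import ipaddress
import re

# Assumption: the only subnet allowed to query Pod configuration (constructed value).
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/28")]

# Combined log format: src ident user [time] "METHOD path PROTO" status size
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
10.20.0.5 - admin [12/Dec/2025:09:00:01 +0000] "GET /api/config HTTP/1.1" 200 512
192.0.2.44 - - [12/Dec/2025:09:03:17 +0000] "GET /api/config HTTP/1.1" 200 512
192.0.2.44 - - [12/Dec/2025:09:03:18 +0000] "GET /api/config?x=1 HTTP/1.1" 200 512
198.51.100.7 - - [12/Dec/2025:09:05:40 +0000] "GET /api/config HTTP/1.1" 403 0
192.0.2.44 - - [12/Dec/2025:09:06:02 +0000] "GET /index.html HTTP/1.1" 200 1024
malformed line without fields
"""

def is_config_path(path):
    # Conservative match: ignore any query string and a trailing slash.
    return path.split("?", 1)[0].rstrip("/") == "/api/config"

def find_exposures(log_text, allowed=ALLOWED_SOURCES):
    """Return (source, timestamp, status) for /api/config hits from unapproved sources."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not is_config_path(m["path"]):
            continue  # unparseable line or a different endpoint
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # source field is not an IP address
        if any(src in net for net in allowed):
            continue  # approved management host
        findings.append((str(src), m["ts"], int(m["status"])))
    return findings

def served(findings):
    """Subset answered with 200, i.e. the configuration JSON was returned."""
    return [f for f in findings if f[2] == 200]

if __name__ == "__main__":
    for src, ts, status in find_exposures(SAMPLE_LOG):
        print(f"{ts} {src} -> /api/config status={status}")
```

Any entry returned by `served()` means the session key was handed to an unapproved source and active sessions on that Pod should be treated as exposed; a 403 entry shows a block upstream is working.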
