Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-bxc6-5gxt-b7d8
SummaryKAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user's active session to retrieve sensitive configuration data or execute privileged actions without authentication.
Aliases
0
alias CVE-2025-68717
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68717
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30251
published_at 2026-06-11T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30453
published_at 2026-06-14T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30466
published_at 2026-06-13T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30447
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68717
1
reference_url https://github.com/actuator/cve/blob/main/KAYSUS/CVE-2025-68717.txt
reference_id CVE-2025-68717.txt
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:37:33Z/
url https://github.com/actuator/cve/blob/main/KAYSUS/CVE-2025-68717.txt
2
reference_url https://github.com/actuator/cve/tree/main/KAYSUS
reference_id KAYSUS
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:37:33Z/
url https://github.com/actuator/cve/tree/main/KAYSUS
3
reference_url https://www.kaysus.com/ks_wr3600__wifi_7_be3600_wireless_router.html
reference_id ks_wr3600__wifi_7_be3600_wireless_router.html
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:37:33Z/
url https://www.kaysus.com/ks_wr3600__wifi_7_be3600_wireless_router.html
Weaknesses
Exploits
Severity_range_score9.4 - 9.4
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-bxc6-5gxt-b7d8