1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: KUNBUS
- Equipment: Revolution Pi
- Vulnerabilities: Missing Authentication for Critical Function, Authentication Bypass by Primary Weakness, Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow attackers to bypass authentication, gain unauthorized access to critical functions, and execute malicious server-side includes (SSI) within a web page.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of KUNBUS Revolution Pi are affected:
Revolution Pi OS Bookworm: Versions 01/2025 and earlier
Revolution Pi PiCtory: Versions 2.5.0 through 2.11.1
Revolution Pi PiCtory: Versions 2.11.1 and earlier
3.2 VULNERABILITY OVERVIEW
3.2.1 Missing Authentication for Critical Function CWE-306
KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable because authentication is not configured by default for the Node-RED server. This can give an unauthenticated remote attacker full access to the Node-RED server where they can run arbitrary commands on the underlying operating system.
CVE-2025-24522 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-24522. A base score of 9.3 has been calculated; the CVSS vector string is (This article has been indexed from All CISA Advisories