CVE-2025-66573

7.5 HIGH

📋 TL;DR

CVE-2025-66573 is an information disclosure vulnerability in the Solstice Pod API that allows unauthenticated attackers to read sensitive configuration data, including session keys. It affects Solstice Pod versions 5.5 and 6.2. Organizations using these versions for screen sharing and collaboration are at risk.

💻 Affected Systems

Products:
  • Solstice Pod API
Versions: 5.5, 6.2
Operating Systems: Not OS-specific - affects Solstice Pod software
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the default configuration of Solstice Pod API endpoints.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could extract session keys and potentially hijack active sessions, impersonate legitimate users, or gain unauthorized access to shared content and administrative functions.

🟠 Likely Case

Unauthorized users will extract sensitive configuration information including session keys, server details, and product information, enabling reconnaissance for further attacks.

🟢 If Mitigated

With proper network segmentation and access controls, the exposed information would be limited to internal reconnaissance value only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only HTTP GET requests to the vulnerable endpoint with no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.mersive.com/

Restart Required: No

Instructions:

Check the Mersive vendor website for security updates. If no patch is available, implement the workarounds below immediately.

🔧 Temporary Workarounds

Network Access Control

Platform: Linux

Restrict access to Solstice Pod API endpoints using firewall rules or network segmentation.

iptables -A INPUT -p tcp --dport [Solstice_Port] -s [Allowed_IP_Range] -j ACCEPT
iptables -A INPUT -p tcp --dport [Solstice_Port] -j DROP

Reverse Proxy Authentication

Platform: All

Place Solstice Pod behind a reverse proxy that requires authentication before accessing the API endpoints.

🧯 If You Can't Patch

  • Isolate Solstice Pod systems on separate network segments with strict access controls
  • Implement network monitoring and alerting for unauthorized access attempts to the /api/config endpoint

🔍 How to Verify

Check if Vulnerable:

Run: curl -X GET http://[Solstice_IP]:[Port]/api/config from a host that should not be trusted - if it returns configuration data without authentication, the system is vulnerable.

Check Version:

Check Solstice Pod web interface or documentation for version information.

Verify Fix Applied:

After implementing controls, run the same curl command again - it should return an authentication error or be blocked at the network level.

📡 Detection & Monitoring

Log Indicators:

  • HTTP GET requests to /api/config endpoint from unauthorized IP addresses
  • Unusual access patterns to Solstice Pod API

Network Indicators:

  • Unencrypted HTTP traffic containing session keys or configuration data
  • External IP addresses accessing internal Solstice Pod endpoints

SIEM Query:

source="solstice.log" AND (uri="/api/config" OR (method="GET" AND uri CONTAINS "/api/"))
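As an added example (not part of this advisory or of Mersive's own tooling), the log indicator above applied in Python to constructed access-log lines: it flags GET /api/config requests from sources outside an allowlisted management subnet and rates a 2xx response higher, since that means the pod actually served the configuration. The common-log-format layout, the subnet and the IP addresses are assumptions.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample lines in common log format (assumed layout, not real Solstice logs).
SAMPLE_LOG = """\
10.0.5.12 - - [02/Jan/2025:10:01:02 +0000] "GET /api/config HTTP/1.1" 200 1843
10.0.5.12 - - [02/Jan/2025:10:01:05 +0000] "GET /api/info HTTP/1.1" 200 211
203.0.113.9 - - [02/Jan/2025:10:02:17 +0000] "GET /api/config HTTP/1.1" 200 1843
198.51.100.4 - - [02/Jan/2025:10:03:40 +0000] "GET /api/config HTTP/1.1" 401 0
10.0.7.3 - - [02/Jan/2025:10:04:01 +0000] "POST /api/session HTTP/1.1" 200 88
"""

# Assumption: only the management subnet should ever reach the pod's API.
ALLOWED_NETS = [ip_network("10.0.5.0/24")]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)'
)


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def is_allowed(ip, allowed_nets):
    """True if the client address falls inside one of the allowlisted networks."""
    try:
        addr = ip_address(ip)
    except ValueError:
        return False  # unparsable source: treat as untrusted
    return any(addr in net for net in allowed_nets)


def find_config_reads(log_text, allowed_nets=ALLOWED_NETS):
    """Return alerts for GET /api/config requests from non-allowlisted sources.
    A 2xx status means the configuration (and session keys) was served: HIGH.
    A 401/403 or other non-2xx means a control blocked it, so it is LOW."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["method"] != "GET":
            continue
        if rec["uri"].split("?", 1)[0] != "/api/config":
            continue
        if is_allowed(rec["ip"], allowed_nets):
            continue
        severity = "HIGH" if 200 <= rec["status"] < 300 else "LOW"
        alerts.append({"ip": rec["ip"], "ts": rec["ts"],
                       "status": rec["status"], "severity": severity})
    return alerts
```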
