5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-68273

CVE-2025-68273: Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints

Signal K Server is a server application that runs on a central hub in a boat. An unauthenticated information disclosure vulnerability in versions prior to 2.19.0 allows any user to retrieve sensitive system information, including the full SignalK data schema, connected serial devices, and installed analyzer tools. This exposure facilitates reconnaissance for further attacks. Version 2.19.0 patches the issue.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-68273

CVE-2025-68273:

5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
signalk-server	npm	< 2.19.0	2.19.0

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability lies in the improper authentication configuration within src/tokensecurity.js. Several API endpoints that expose sensitive system information were not included in the list of paths requiring authentication. The analysis of the patch ead2a03d8994969cafcca0320abee16f0e66e7a9 confirms that the remediation involves adding the missing paths (/skServer/serialports, /skServer/availablePaths, /skServer/hasAnalyzer) to the authentication middleware's protection list. When these unprotected endpoints are accessed, the corresponding route handlers defined in src/serverroutes.ts are executed. These handlers, and the functions they subsequently call, are the sources of the information disclosure. Specifically, listAllSerialPorts reveals connected hardware, StreamBundle.getAvailablePaths exposes the entire data schema, and an anonymous handler for /skServer/hasAnalyzer checks for the presence of system tools. These functions would appear in a runtime profile during the exploitation of this vulnerability.

Vulnerable functions

listAllSerialPorts

src/serverroutes.ts

This function is called by the handler for the `/skServer/serialports` endpoint. The endpoint was not protected by authentication, as it was missing from the protected paths list in `src/tokensecurity.js`. This allowed an unauthenticated attacker to retrieve a list of connected serial port devices, exposing hardware configuration.

StreamBundle.getAvailablePaths

src/serverroutes.ts

This function is called by the handler for the `/skServer/availablePaths` endpoint. The endpoint was not protected by authentication because it was missing from the protected paths list in `src/tokensecurity.js`. This allowed an unauthenticated attacker to retrieve the server's full data schema, exposing sensitive information about the vessel's data points and internal server state.

(anonymous function)

src/serverroutes.ts

This anonymous function is the handler for the `/skServer/hasAnalyzer` endpoint. The endpoint was not protected by authentication as it was missing from the protected paths list in `src/tokensecurity.js`. This allowed an unauthenticated attacker to determine if the 'analyzer' tool was installed on the server, revealing system capabilities.

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-68273: Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints

CVE-2025-68273:

5.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2025-68273: Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints

5.3

5.3

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI