CVE-2025-24715

Summary

CVE-2025-24715 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Counter Box application from version n/a through 2.0.5. A successful exploit of this weakness allows an attacker to submit malicious requests on behalf of a user who is currently logged into the vulnerable application. This can result in unintended actions being performed in the victim's name, such as changing account settings or initiating financial transactions. The potential impact of this vulnerability includes data compromise and unauthorized access, posing a significant risk to users of the affected Counter Box version. It is recommended that users update to the latest, secure version of the application as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.