CVE-2025-66573

HIGH

Solstice Pod API <6.2 - Info Disclosure

Title source: llm

Description

Solstice Pod API (versions 5.5 and 6.2) contains an unauthenticated API endpoint (`/api/config`) that exposes sensitive information such as the session key, server version, product details, and display name. Because the endpoint requires no authentication, unauthorized users can extract live session information simply by requesting it.

Exploits (1)

exploitdb WORKING POC
by Thomas Heverin · text · local · windows
https://www.exploit-db.com/exploits/52104

Scores

CVSS v3 7.5
EPSS 0.0011
EPSS Percentile 29.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-319
Status published
Products (4)
mersive/Solstice Pod API Session Key Extraction via API Endpoint 5.5
mersive/Solstice Pod API Session Key Extraction via API Endpoint 6.2
mersive/solstice_pod_firmware 5.6
mersive/solstice_pod_firmware 6.2
Published Dec 04, 2025
Tracked Since Feb 18, 2026