CVE-2025-7202

Elgato's Key Lights - CSRF

Title source: llm

Description

A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights.

References (1)

[Various Sources] https://www.toreon.com/flashing-your-lights-cve-2025-7202/

Scores

EPSS 0.0003

EPSS Percentile 7.5%

Classification

CWE

CWE-352

Status draft

Timeline

Published Aug 06, 2025

Tracked Since Feb 18, 2026