CVE-2025-25205

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/advplyr/audiobookshelf/blob/1a3d70d04100924d41391acb55bd8ddca486a4fa/server/Auth.js#L17-L41", "name": "https://github.com/advplyr/audiobookshelf/blob/1a3d70d04100924d41391acb55bd8ddca486a4fa/server/Auth.js#L17-L41", "tags": ["Product"], "refsource": ""}, {"url": "https://github.com/advplyr/audiobookshelf/commit/bf8407274e3ee300af1927ee660d078a7a801e1c", "name": "https://github.com/advplyr/audiobookshelf/commit/bf8407274e3ee300af1927ee660d078a7a801e1c", "tags": ["Patch"], "refsource": ""}, {"url": "https://github.com/advplyr/audiobookshelf/commit/ec6537656925a43871b07cfee12c9f383844d224", "name": "https://github.com/advplyr/audiobookshelf/commit/ec6537656925a43871b07cfee12c9f383844d224", "tags": ["Patch"], "refsource": ""}, {"url": "https://github.com/advplyr/audiobookshelf/pull/3584", "name": "https://github.com/advplyr/audiobookshelf/pull/3584", "tags": ["Issue Tracking", "Patch"], "refsource": ""}, {"url": "https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-pg8v-5jcv-wrvw", "name": "https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-pg8v-5jcv-wrvw", "tags": ["Exploit", "Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings like \"/api/items/1/cover\" in a query parameter (?r=/api/items/1/cover) to partially bypass authentication or trigger server crashes under certain routes. This could lead to information disclosure of otherwise protected data and, in some cases, a complete denial of service (server crash) if downstream code expects an authenticated user object. Version 2.19.1 contains a patch for the issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-400"}, {"lang": "en", "value": "CWE-202"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-25205", "ASSIGNER": "security-advisories@github.com"}}, "impact": {}, "publishedDate": "2025-02-12T19:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:audiobookshelf:audiobookshelf:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.19.1", "versionStartIncluding": "2.17.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-03T00:58Z"}