CVE-2025-53095 — AI Deep Analysis Summary

🚨 **Essence**: Sunshine (before 2025.628.4510) suffers from **CSRF** (Cross-Site Request Forgery).…

🔍 **Root Cause**: **CWE-352** (Cross-Site Request Forgery). The flaw lies in the **Web UI** implementation, which fails to validate request origins or use anti-CSRF tokens.

👥 **Affected**: Users running **LizardByte Sunshine**. Specifically, versions **prior to 2025.628.4510**. If you are on an older build, you are vulnerable.

💀 **Attacker Capabilities**: With user interaction, hackers can execute **arbitrary commands**. This leads to full **Confidentiality, Integrity, and Availability** compromise (CVSS High impact).

⚖️ **Exploitation Threshold**: **Low**. Requires **Network** access, **Low** complexity, and **No Privileges** needed for the attacker.…

📦 **Public Exploit**: **No** public PoC or wild exploitation code is currently listed in the data. However, the vulnerability type (CSRF) is well-understood and easily exploitable manually.

🔎 **Self-Check**: Check your Sunshine version number. If it is **< 2025.628.4510**, you are at risk. Look for Web UI endpoints that accept state-changing requests without CSRF tokens.

🛡️ **Official Fix**: **Yes**. The vendor (LizardByte) has issued a security advisory (GHSA-39hj-fxvw-758m) and a commit fix. **Update immediately** to version 2025.628.4510 or later.

🚧 **No Patch Workaround**: If you cannot update, **disable the Web UI** if not strictly needed. Implement **Network Segmentation** to restrict access to the Sunshine Web UI. Use **Strict CORS** policies if possible.

⚡ **Urgency**: **HIGH**. CVSS Score indicates **Critical** impact (C:H, I:H, A:H). Since it allows arbitrary command execution via a simple UI interaction, patch **immediately** upon upgrading.