Browse all 4 CVE security advisories affecting Mist. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mist provides network access control and visibility solutions for enterprises. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws. The product has faced security incidents, including a 2021 vulnerability (CVE-2021-33044) allowing unauthorized access to sensitive data. Mist's architecture typically involves cloud-managed access points and AI-driven analytics, creating potential attack surfaces in both hardware and software components. Security researchers have identified authentication bypass issues and insecure default configurations in past versions. While offering network security benefits, the platform's complexity and integration with enterprise networks have introduced risks requiring careful deployment and maintenance.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5412 | Mist Community Edition Authentication Endpoint views.py login cross site scripting — Community EditionCWE-79 | 3.5 | Low | 2025-06-01 |
| CVE-2025-5411 | Mist Community Edition views.py tag_resources cross site scripting — Community EditionCWE-79 | 3.5 | Low | 2025-06-01 |
| CVE-2025-5410 | Mist Community Edition middleware.py session_start_response cross-site request forgery — Community EditionCWE-352 | 4.3 | Medium | 2025-06-01 |
| CVE-2025-5409 | Mist Community Edition API Token views.py create_token access control — Community EditionCWE-284 | 7.3 | High | 2025-06-01 |
This page lists every published CVE security advisory associated with Mist. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.