CVE-2025-7202 Cross-Site Request Forgery (CSRF) allowed remote control of Elgato Key Lights

🗓️ 06 Aug 2025 08:28:23Reported by ToreonType

Cross-Site Request Forgery permits remote control of Elgato Key Lights via malicious webpage

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-7202	6 Aug 202509:58	–	circl
CNNVD	Elgato Key Light 安全漏洞	6 Aug 202500:00	–	cnnvd
CVE	CVE-2025-7202	6 Aug 202508:28	–	cve
EUVD	EUVD-2025-23813	3 Oct 202520:07	–	euvd
NVD	CVE-2025-7202	6 Aug 202509:15	–	nvd
Positive Technologies	PT-2025-32143 · Elgato · Elgato Key Lights	6 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-7202	8 Aug 202509:20	–	redhatcve
Vulnrichment	CVE-2025-7202 Cross-Site Request Forgery (CSRF) allowed remote control of Elgato Key Lights	6 Aug 202508:28	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Key Light",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.3(218)",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Key Light Air",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.3.220",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Key Light Mini",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.4.239",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Key Light Neo",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.4.206",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Ring Light",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.4.149",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Light Strip",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.4.231",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Light Strip Pro",
    "vendor": "Elgato",
    "versions": [
      {
        "lessThanOrEqual": "1.0.1.145",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
toreon	www.toreon.com/flashing-your-lights-cve-2025-7202/

06 Aug 2025 08:29Current

CVSS 45.1

EPSS0.00143

CWE-352