exploitDog

GHSA-98gh-9q2q-78vj

Опубликовано: 05 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.

A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.

Ссылки

EPSS

Процентиль: 36%

0.0015

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-64054

CVSS3: 9.6

nvd

2 месяца назад

A reflected Cross Site Scripting (XSS) vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint.

EPSS

Процентиль: 36%

0.0015

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79