exploitDog

CVE-2025-29231

Опубликовано: 16 дек. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A stored cross-site scripting (XSS) vulnerability in the page_save component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hostname and domainName parameters.

Ссылки

https://github.com/JZP018/Vuln/blob/main/linsys/E5600/XSS_wan_name/XSS_wan_name.md
Broken Link
https://github.com/Suryaandave/CVES/tree/main/CVE-2025-29231
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:linksys:e5600_firmware:1.1.0.26:*:*:*:*:*:*:*

cpe:2.3:h:linksys:e5600:-:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00031

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-jxcc-3925-qj53

CVSS3: 6.1

github

около 2 месяцев назад

A stored cross-site scripting (XSS) vulnerability in the page_save component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hostname and domainName parameters.

EPSS

Процентиль: 9%

0.00031

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79