CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-60967

Cross Site Scripting (XSS) vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.6%

CVSS Severity

CVSS v3 Score 7.3

References

http://endrun.com
http://sonoma.com
https://xdiv-sec.github.io/vulnerability-research/advisories/2025-10-03-sonoma-d12

Products affected by CVE-2025-60967

Endruntechnologies » Sonoma D12 » Version: 4.00

cpe:2.3:h:endruntechnologies:sonoma_d12:4.00
Endruntechnologies » Sonoma D12 Firmware » Version: 6010-0076-000

cpe:2.3:o:endruntechnologies:sonoma_d12_firmware:6010-0076-000

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-60967

Products

Pricing

Contact Us