CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.9%

CVSS Severity

CVSS v3 Score 4.6

References

https://github.com/kakarotossj3/CVEs/blob/main/Hitron/XSS

Products affected by CVE-2025-63354

Hitrontech » Hi3120 » Version: N/A

cpe:2.3:h:hitrontech:hi3120:-
Hitrontech » Hi3120 Firmware » Version: 7.2.4.5.2b1

cpe:2.3:o:hitrontech:hi3120_firmware:7.2.4.5.2b1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-63354

Products

Pricing

Contact Us