Vulnerability Details CVE-2025-70545
A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The Common Gateway Interface (CGI) component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary JavaScript that is persistently stored and executed when the affected interface is accessed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.0%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2025-70545
-
cpe:2.3:h:belden:ppc_2k05x:-
-
cpe:2.3:o:belden:ppc_2k05x_firmware:1.1.9_206l