Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2025-10546

UNKNOWN
Published 2025-09-16T12:18:58.822Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2025-10546. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

This vulnerability exist in PPC 2K15X Router, due to improper input validation for the Common Gateway Interface (CGI) parameters at its web management portal. A remote attacker could exploit this vulnerability by injecting malicious JavaScript into the vulnerable parameter, leading to a reflected Cross-Site Scripting (XSS) attack on the targeted system.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

PPC Technologies

PPC XPON ONT (Optical Network Terminal) 2K15X

Affected Versions:

v2.3.15PPCL v1.0.3

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

Not EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

This vulnerability exist in PPC 2K15X Router, due to improper input validation for the Common Gateway Interface (CGI) parameters at its web management portal. A remote attacker could exploit this vulnerability by injecting malicious JavaScript into the vulnerable parameter, leading to a reflected Cross-Site Scripting (XSS) attack on the targeted system.

Affected Products (ENISA)

ppc technologies
ppc xpon ont (optical network terminal) 2k15x

ENISA Scoring

CVSS Score (4.0)

5.1
/10
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

EPSS Score

0.150
probability

ENISA References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0215
https://nvd.nist.gov/vuln/detail/CVE-2025-10546

Data provided by ENISA EU Vulnerability Database. Last updated: September 16, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-rc2v-gr94-vj6f

Advisory Details

This vulnerability exist in PPC 2K15X Router, due to improper input validation for the Common Gateway Interface (CGI) parameters at its web management portal. A remote attacker could exploit this vulnerability by injecting malicious JavaScript into the vulnerable parameter, leading to a reflected Cross-Site Scripting (XSS) attack on the targeted system.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-10546
WEB https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0215

Advisory provided by GitHub Security Advisory Database. Published: September 16, 2025, Modified: September 16, 2025

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0215
Published: 2025-09-16T12:18:58.822Z
Last Modified: 2025-09-16T12:18:58.822Z
Copied to clipboard!