CVE-2019-25284

🗓️ 07 Jan 2026 23:11:08Reported by VulnCheckType

cve🔗 web.nvd.nist.gov👁 3 Views🌐 WEB

V-SOL GPON/EPON OLT Platform v2.03 has reflected cross site scripting due to input sanitization issues, enabling arbitrary script execution.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2019-25284	8 Jan 202603:00	–	circl
CNNVD	V-SOL GPON/EPON OLT Platform 跨站脚本漏洞	8 Jan 202600:00	–	cnnvd
Cvelist	CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability	7 Jan 202623:11	–	cvelist
NVD	CVE-2019-25284	8 Jan 202600:15	–	nvd
Positive Technologies	PT-2026-1680	7 Jan 202600:00	–	ptsecurity
Vulnrichment	CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability	7 Jan 202623:11	–	vulnrichment
Zero Science Lab	V-SOL GPON/EPON OLT Platform v2.03 Reflected XSS Vulnerability	26 Sep 201900:00	–	zeroscience

Vulners

Node

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.62r_ipv6

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.54r

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.52r

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.49

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.47

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.40

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.26

guangzhou_v v-sol_gpon/epon_olt_platformMatchv2.03.24

guangzhou_v v-sol_gpon/epon_olt_platformMatchv1.8.6

guangzhou_v v-sol_gpon/epon_olt_platformMatchv1.4

[
  {
    "vendor": "Guangzhou V",
    "product": "V-SOL GPON/EPON OLT Platform",
    "versions": [
      {
        "version": "V2.03.62R_IPv6",
        "status": "affected"
      },
      {
        "version": "V2.03.54R",
        "status": "affected"
      },
      {
        "version": "V2.03.52R",
        "status": "affected"
      },
      {
        "version": "V2.03.49",
        "status": "affected"
      },
      {
        "version": "V2.03.47",
        "status": "affected"
      },
      {
        "version": "V2.03.40",
        "status": "affected"
      },
      {
        "version": "V2.03.26",
        "status": "affected"
      },
      {
        "version": "V2.03.24",
        "status": "affected"
      },
      {
        "version": "V1.8.6",
        "status": "affected"
      },
      {
        "version": "V1.4",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vsolcn	www.vsolcn.com/
cxsecurity	www.cxsecurity.com/issue/WLB-2019090194
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/167864
packetstormsecurity	www.packetstormsecurity.com/files/154631
zeroscience	www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5537.php

Parameter	Position	Path	Description	CWE
parent	query param	/action/bindProfile.html	Reflected XSS via unsanitized parent parameter in bindProfile.html	CWE-79
sntp_server	query param	/action/ntp.html	Reflected XSS via unsanitized sntp_server parameter in ntp.html	CWE-79

24 May 2026 01:36Current

6.4Medium risk

Vulners AI Score6.4

CVSS 45.1

CVSS 3.16.1

EPSS0.00066

SSVC

CWE-79