CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

CVE-2025-63354

CVE-2025-63354 affects Hitron HI3120 devices (tested with v7.2.4.5.2b1). The flaw is a stored XSS via the Parental Control option when creating a new filter, caused by improper input handling that allows an attacker to inject and execute JavaScript. The available connected documents confirm the s...

Hitron HI3120 安全漏洞

The Hitron HI3120 is a cable modem produced by Hitron Company in Taiwan, China. The Hitron HI3120 v7.2.4.5.2b1 version contains a security vulnerability. This vulnerability arises from improper input handling during the creation of new filters, and it may lead to storage cross-site scripting...

CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

CVE-2025-63354

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

PT-2026-7117

Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript...

CVE-2009-4868

Cross-site scripting XSS vulnerability in Hitron Soft Answer Me 1.0 allows remote attackers to inject arbitrary web script or HTML via the qid parameter to the answers script aka answers.php. NOTE: some of these details are obtained from third party information...

CVE-2025-66963

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

EUVD-2025-203402

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

CVE-2025-66963

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

CVE-2025-66963

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

CVE-2025-66963

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

Hitron HI3120 安全漏洞

Hitron HI3120 is a cable modem from Hitron Corporation of Taiwan, China. A security vulnerability exists in Hitron HI3120 version 7.2.4.5.2b1, which stems from improper handling of the Logout option and could lead to the disclosure of sensitive information...

CVE-2025-66963

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

PT-2025-51241

An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html...

CVE-2025-66963

CVE-2025-66963 : A vulnerability in Hitron HI3120 firmware v7.2.4.5.2b1 allows a local attacker to disclose sensitive information via the Logout option in the router’s index.html page. The connected sources consistently reference this model/version and the logout-handling flow as the issue origin...

EUVD-2020-29669

Malware in sbrugna...