CVE-2025-63211

Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to execute arbitrary code via the addName parameter to the /vbc/core/userSetupDoc/userSetupDoc endpoint...

CVE-2025-63211

Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to execute arbitrary code via the addName parameter to the /vbc/core/userSetupDoc/userSetupDoc endpoint...

PT-2025-47515

Name of the Vulnerable Software and Affected Versions bridgetech VBC Server & Element Manager versions 6.5.0-9 through 6.5.0-10 Description A stored cross-site scripting issue exists in bridgetech VBC Server & Element Manager. Successful exploitation allows attackers to execute arbitrary code. Th...

The vulnerability in the `usb_approve.cgi` script of NETGEAR XR300 router software allows a hacker to trigger a service failure.

The vulnerability in the usbapprove.cgi script of NETGEAR XR300 router microprogramming software is related to buffer overflow when processing the addName%d parameter. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted POST request...

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in NETGEAR XR300 v1.0.3.78, which originates from the addName%d parameter in the usbapprove.cgi component that fails to correctly validate the length of the input data, and can be exploited by a remote...