CVE-2025-63211

Medium CVSS: 6.1

Stored cross-site scripting vulnerability in bridgetech VBC Server & Element Manager, firmware versions 6.5.0-9 thru 6.5.0-10, allows attackers to execute arbitrary code via the addName parameter to the /vbc/core/userSetupDoc/userSetupDoc endpoint.

Vendor

Bridgetech

Product

Vbc Server

CWE

CWE-79

Yayın Tarihi

2025-11-19 19:15:49

Güncelleme

2026-01-15 18:51:49

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Vbc Server MEDIUM Bridgetech 2025

Referanslar

https://bridgetech.tv/ https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63211_bridgetech%20VBC%20Server%20and%20Element%20Manager%20Stored%20%20xss https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63211_bridgetech%20VBC%20Server%20and%20Element%20Manager%20Stored%20%20xss

Benzer Kayıtlar

Medium

CVE-2025-63214

An issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6.5.0-9, allowing unauth…

High

CVE-2025-63205

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Pr…

High

CVE-2025-63208

An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attacker…