Description
Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter.
Exploits (1)
nomisec
WORKING POC
3 stars
by the-girl-who-lived · poc
https://github.com/the-girl-who-lived/CVE-2020-25498
References (4)
Core 4
Core References
Broken Link x_refsource_misc
http://beetel.com
Exploit, Third Party Advisory x_refsource_misc
https://github.com/the-girl-who-lived/CVE-2020-25498
Exploit, Third Party Advisory x_refsource_misc
https://youtu.be/qeVHvmS5wtI
Exploit, Third Party Advisory x_refsource_misc
https://youtu.be/u_6yBIMF74A
Scores
CVSS v3
4.8
EPSS
0.0029
EPSS Percentile
52.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
beetel/777vr1_firmware
Published
Jan 06, 2021
Tracked Since
Feb 18, 2026