CVE-2025-70545
MEDIUMBelden PPC 2K05X Firmware v1.1.9_206L - Unauthenticated Stored Cross-Site Scripting in CGI Component
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2025-70545. PoCs published by jeyabalaji711.
AI-analyzed exploit summary This repository provides a detailed technical description of a stored XSS vulnerability in the PPC (Belden) ONT 2K05X router's web management interface. It includes steps to reproduce the issue and mitigation recommendations, but lacks actual exploit code.
Description
A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The Common Gateway Interface (CGI) component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary JavaScript that is persistently stored and executed when the affected interface is accessed.
Exploits (1)
This repository provides a detailed technical description of a stored XSS vulnerability in the PPC (Belden) ONT 2K05X router's web management interface. It includes steps to reproduce the issue and mitigation recommendations, but lacks actual exploit code.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N