CVE-2025-1617

CVSS 3.1 Score 2.4 of 10 (low)

Details

Published Feb 24, 2025

CWE ID 94

CWE ID 79

Summary

CVE-2025-1617 is a recently disclosed vulnerability affecting the Netis WF2780 2.1.41925 firmware. This issue, classified as problematic, lies within the Wireless 2.4G Menu component. A cross-site scripting (XSS) vulnerability is present, allowing attackers to inject malicious code by manipulating the SSID argument. Remotely executing these attacks is possible, increasing the risk to affected systems. Despite early disclosure, the vendor has yet to respond to the disclosure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3kO3AH
https://www.cve.org/CVERecord?id=CVE-2025-1617
https://nvd.nist.gov/vuln/detail/CVE-2025-1617

Back to Vulnerability Database

CVE-2025-1617

CVSS 3.1 Score 2.4 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations