- Description
- A vulnerability, which was classified as problematic, was found in Netis WF2780 2.1.41925. This affects an unknown part of the component Wireless 2.4G Menu. The manipulation of the argument SSID leads to cross site scripting. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 4.8
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 2.4
- Impact score
- 1.4
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Secondary
- Base score
- 3.3
- Impact score
- 2.9
- Exploitability score
- 6.4
- Vector string
- AV:N/AC:L/Au:M/C:N/I:P/A:N
- cna@vuldb.com
- CWE-79
- Hype score
- Not currently trending
🚨🚨A new vulnerability, CVE-2025-1617, has been uncovered, targeting the Wireless 2.4G menu on Netis WF2780 routers. Hackers can exploit the "SSID" field with a sneaky Cross-Site Scripting (XSS) attack—yep, your Wi-Fi name could be their way in! 😱 🔥PoC:… https://t.co/u5PeoBMC
@zoomeye_team
24 Feb 2025
593 Impressions
3 Retweets
7 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-1617 A vulnerability, which was classified as problematic, was found in Netis WF2780 2.1.41925. This affects an unknown part of the component Wireless 2.4G Menu. The manipul… https://t.co/RBOKOHqtVT
@CVEnew
24 Feb 2025
621 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-1617 | Netis WF2780 2.1.41925 Wireless 2.4G Menu SSID cross site scripting) has been published on https://t.co/f8N6YLwaLY
@WolfgangSesin
23 Feb 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes