216.73.217.172

CVE-2025-14701

· Published 17/12/2025 01:15 · Modified 23/12/2025 21:22

Labels: CVE-2025-14701 2025-12-17CVE-2025-14701[email protected]

Essential information

Published
17/12/2025 01:15
Modified
23/12/2025 21:22
Author
Creator
CVSS
7.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

CVSS metrics

Description

An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
craftycontrol / crafty controller cpe:2.3:a:craftycontrol:crafty_controller:*:*:*:*:*:*:*:*

References