216.73.216.86

CVE-2025-61198

· Published 06/10/2025 14:15 · Modified 06/10/2025 15:16

Labels: CVE-2025-61198 2025-10-06CVE-2025-61198CWE-79[email protected]

Essential information

Published
06/10/2025 14:15
Modified
06/10/2025 15:16
Author
Creator
CVSS
5.4 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CVSS metrics

Description

A stored cross-site scripting (XSS) vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the UI.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
optimod / optimod 5950 cpe:2.3:a:optimod:optimod_5950:1.0.0.33:*:*:*:*:*:*:*
optimod / optimod 5950hd cpe:2.3:a:optimod:optimod_5950hd:1.0.0.33:*:*:*:*:*:*:*
optimod / optimod 5750 cpe:2.3:a:optimod:optimod_5750:1.0.0.33:*:*:*:*:*:*:*
optimod / optimod 5750hd cpe:2.3:a:optimod:optimod_5750hd:1.0.0.33:*:*:*:*:*:*:*
optimod / optimod trio cpe:2.3:a:optimod:optimod_trio:1.0.0.33:*:*:*:*:*:*:*

References