Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-2597

Reflected Cross-Site Scripting (XSS) in ITIUM 6050 version 5.5.5.2-b3526 from Impact Technologies. This vulnerability could allow an attacker to execute malicious Javascript code via GET and POST requests to the ‘/index.php’ endpoint and injecting code into the ‘id_session.

Published

2025-03-21T12:15:26.723

Last Modified

2025-04-01T20:24:03.190

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	itechno	itium_6050_firmware	5.5.5.2-b3526	Yes
Hardware	itechno	itium_6050	*	No

References

https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-vulnerability-itium-6050 Third Party Advisory ([email protected])