Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-27567

Cross-site scripting vulnerability exists in the NickName registration screen of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the configuration page or functions accessible only from the LAN side of the product.

Published

2025-03-28T09:15:14.103

Last Modified

2025-03-28T18:11:40.180

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.0: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

References

https://jvn.jp/en/jp/JVN04278547/ ([email protected])
https://kddi-tech.com/contents/appendix_L2_06.html#64433e4a-8946-9c06-bddf-91cbfe56c8e5 ([email protected])