CVE-2025-8834

LOW EPSS 16.4%

Published Aug 11, 202510mo ago · Modified Jun 17, 20261w ago

1.9 CVSS 4.0

Low

Published Aug 11, 2025 10mo ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack remotely.

CVSS Details

Base Score

1.9

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required High

User Interaction P

Scope X

Threat Intelligence

EPSS Exploit Probability

16.4% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-79 Cross-site Scripting Injection

CWE-94 Improper Control of Generation of Code (Code Injection) Injection

References 3

vuldb.com https://vuldb.com/?ctiid.319368
vuldb.com https://vuldb.com/?id.319368
vuldb.com https://vuldb.com/?submit.627228

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.