← back
CVE-2025-56008

CVE-2025-56008

CVSS 6.1 MEDIUMEPSS 0.2%CWE-79
Cross site scripting (XSS) vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/notdenied/writeups/blob/main/CVE/CVE-2025-56008.mdhttps://keenetic.com/https://keenetic.com/global/security#october-2025-web-api-vulnerabilities