Unrated severityNVD Advisory· Published Feb 4, 2026· Updated Feb 5, 2026
CVE-2025-70545
CVE-2025-70545
Description
A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The Common Gateway Interface (CGI) component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary JavaScript that is persistently stored and executed when the affected interface is accessed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = v1.1.9_206L
Patches
Vulnerability mechanics
References
1- ppc.commitre
News mentions
0No linked articles in our index yet.