FL SWITCH
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-41745 | 0.00 | — | 0.01 | Dec 9, 2025 | An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide… | |||
| CVE-2025-41746 | 0.00 | — | 0.09 | Dec 9, 2025 | An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide… | |||
| CVE-2025-41747 | 0.00 | — | 0.09 | Dec 9, 2025 | An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not… | |||
| CVE-2025-41748 | 0.00 | — | 0.09 | Dec 9, 2025 | An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide… | |||
| CVE-2025-41749 | 0.00 | — | 0.01 | Dec 9, 2025 | An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access… | |||
| CVE-2025-41750 | 0.00 | — | 0.09 | Dec 9, 2025 | An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide… | |||
| CVE-2025-41751 | 0.00 | — | 0.09 | Dec 9, 2025 | An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide… | |||
| CVE-2025-41752 | 0.00 | — | 0.09 | Dec 9, 2025 | An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide… |
- CVE-2025-41745Dec 9, 2025risk 0.00cvss —epss 0.01
An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide…
- CVE-2025-41746Dec 9, 2025risk 0.00cvss —epss 0.09
An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide…
- CVE-2025-41747Dec 9, 2025risk 0.00cvss —epss 0.09
An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not…
- CVE-2025-41748Dec 9, 2025risk 0.00cvss —epss 0.09
An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide…
- CVE-2025-41749Dec 9, 2025risk 0.00cvss —epss 0.01
An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access…
- CVE-2025-41750Dec 9, 2025risk 0.00cvss —epss 0.09
An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide…
- CVE-2025-41751Dec 9, 2025risk 0.00cvss —epss 0.09
An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide…
- CVE-2025-41752Dec 9, 2025risk 0.00cvss —epss 0.09
An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide…
Page 2 of 2