HI3120
by Hitron
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-63354 | 0.00 | — | 0.00 | Feb 9, 2026 | Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript. | |||
| CVE-2025-66963 | 0.00 | — | 0.00 | Dec 15, 2025 | An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html |
- CVE-2025-63354Feb 9, 2026risk 0.00cvss —epss 0.00
Hitron HI3120 v7.2.4.5.2b1 allows stored XSS via the Parental Control option when creating a new filter. The device fails to properly handle inputs, allowing an attacker to inject and execute JavaScript.
- CVE-2025-66963Dec 15, 2025risk 0.00cvss —epss 0.00
An issue in Hitron HI3120 v.7.2.4.5.2b1 allows a local attacker to obtain sensitive information via the Logout option in the index.html