Security Advisory

CVE-2025-21603

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-08 03:30:50

Last updated 2025-01-08 14:26:18

Assigner jpcert

State PUBLISHED

Description

Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in users web browser when accessing a crafted URL.

← Browse all CVEs View on cve.org ↗