Security Advisory

CVE-2025-34512

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-16 17:55:29

Last updated 2026-05-25 23:41:32

Assigner VulnCheck

State PUBLISHED

Description

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary script in the victims browser. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.

← Browse all CVEs View on cve.org ↗