CVE-2025-41425

Summary

DuraComm SPM-500 DP-10iN-100-MU

is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent legitimate users from accessing the web interface.

Affected Software

VendorProductVersion RangeStatus
DuraComm CorporationSPM-500 DP-10iN-100-MU0 <= Version 4.10affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References