High
CVSS 8.1
Overview
DuraComm SPM-500 DP-10iN-100-MU
is vulnerable to a cross-site scripting attack. This could allow an attacker to prevent legitimate users from accessing the web interface.
CVE-2025-41425
DuraComm SPM-500 DP-10iN-100-MU is vulnerable to a cross-site scripting attack...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 8.1 (HIGH)
- Detected tags: xss (tag impact: MODERATE)
Recommended actions:
- Apply context-aware output encoding.
- Enable Content-Security-Policy and HttpOnly/SameSite cookies.